SMTP is not working with TLSv1.2

Summary

Trying to send e-mail by SMTP using TLSv1.2 causing OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=error: wrong version number)

Steps to reproduce

  1. Use SMTP server with TLSv1.2
  2. Setup smtp:
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "mail.example.ru"
        gitlab_rails['smtp_port'] = 587
        gitlab_rails['smtp_user_name'] = "mailer@example.ru"
        gitlab_rails['smtp_password'] = "PASSWORD"
        gitlab_rails['gitlab_email_from'] = 'mailer@example.ru'
        gitlab_rails['smtp_authentication'] = "login"
        gitlab_rails['smtp_ssl'] = true
        gitlab_rails['smtp_openssl_verify_mode'] = 'none'
        gitlab_rails['smtp_enable_starttls_auto'] = true

What is the current bug behavior?

E-mails not sending at all:

irb(main):001:0> Notify.test_email('my_test_email@example.ru', 'Message Subject', 'Message Body').deliver_now
Notify#test_email: processed outbound mail in 1.5ms
Sent mail to my_test_email@example.ru(204.6ms)
Date: Wed, 22 Jan 2020 10:57:15 +0000
From: GitLab <mailer@example.ru>
Reply-To: GitLab <noreply@gitlab.example.ru>
To: my_test_email@example.ru
Message-ID: <5e282a8b3611f_12a3fe27fad39a4458d1@89859bb64357.mail>
Subject: Message Subject
Mime-Version: 1.0
Content-Type: text/html;
 charset=UTF-8
Content-Transfer-Encoding: 7bit
Auto-Submitted: auto-generated
X-Auto-Response-Suppress: All

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html><body><p>Message Body</p></body></html>

Traceback (most recent call last):
        1: from (irb):1
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=error: wrong version number)

What is the expected correct behavior?

E-mails work well

Relevant logs

/opt/gitlab/embedded/bin/openssl s_client -connect mail.example.ru:587 -starttls smtp -tlsextdebug < /dev/null | grep TLS 
TLS server extension "extended master secret" (id=23), len=0
TLS server extension "renegotiation info" (id=65281), len=1
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = AlphaSSL CA - SHA256 - G2
verify return:1
depth=0 OU = Domain Control Validated, CN = *.example.ru
verify return:1
250 CHUNKING
DONE
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-SHA256
    Protocol  : TLSv1.2

Environment details

  • Operating System: Docker
  • Installation Target, remove incorrect values:
    • Other: gitlab/gitlab-ce:12.6.4-ce.0
  • Installation Type, remove incorrect values:
    • Upgrade from version gitlab/gitlab-ce:12.5.5-ce.0
  • Is there any other software running on the machine: run inside docker
  • Is this a single or multiple node installation? official docker image
  • Resources
    • CPU: 3 cores
    • Memory total: 7974+2043(swap)

Configuration details

Above