Using JavaMail with self signed certificates
•
Java
I have a servlet that contains the following code:
System.setProperty("javax.net.ssl.keyStore",getServletContext().getRealPath("keystore.jks"));
System.setProperty("javax.net.ssl.keyStorePassword","123456");
System.setProperty("javax.net.ssl.trustStore",getServletContext().getRealPath("keystore.jks"));
System.setProperty("javax.net.ssl.trustStorePassword","123456");
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket("127.0.0.1",606);
With this code, I can use SSL (my case is mandatory) Later, in the same servlet, I need to send e - mail using JavaMail When I try to send this email without using the certificate in other code, it works, but when I try to use it, the following message is returned: use port 465 – >
DEBUG: setDebug: JavaMail version 1.4.7 DEBUG: setDebug: JavaMail version 1.4.7 DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle] DEBUG SMTP: useEhlo true,useAuth true DEBUG SMTP: useEhlo true,useAuth true DEBUG SMTP: trying to connect to host "smtp.gmail.com",port 465,isSSL false
Aaand is trapped in this = P
Using port 587 – >
DEBUG: setDebug: JavaMail version 1.4.7
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,port 587,isSSL false
220 mx.google.com ESMTP g66sm55412571yhd.11 - gsmtp
DEBUG SMTP: connected to host "smtp.gmail.com",port: 587
EHLO RAI-PC
250-mx.google.com at your service,[201.82.118.174]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250 ENHANCEDSTATUSCODES
DEBUG SMTP: Found extension "SIZE",arg "35882577"
DEBUG SMTP: Found extension "8BITMIME",arg ""
DEBUG SMTP: Found extension "STARTTLS",arg ""
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES",arg ""
DEBUG SMTP: use8bit false
MAIL FROM:<raiavancinifranco@gmail.com>
530 5.7.0 Must issue a STARTTLS command first. g66sm55412571yhd.11 - gsmtp
DEBUG SMTP: got response code 530,with response: 530 5.7.0 Must issue a STARTTLS command first. g66sm55412571yhd.11 - gsmtp
RSET
250 2.1.5 Flushed g66sm55412571yhd.11 - gsmtp
DEBUG SMTP: MessagingException while sending,THROW:
com.sun.mail.smtp.SMTPSendFailedException: 530 5.7.0 Must issue a STARTTLS command first. g66sm55412571yhd.11 - gsmtp
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:2108)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:1609)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:1117)
at javax.mail.Transport.send0(Transport.java:195)
at javax.mail.Transport.send(Transport.java:124)
at servlet.Main.service(Main.java:221)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(UnkNown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(UnkNown Source)
at java.lang.Thread.run(UnkNown Source)
QUIT
221 2.0.0 closing connection g66sm55412571yhd.11 - gsmtp
Jul 10,2013 7:04:40 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [servletMain] in context with path [/servicotcc] threw exception
java.lang.RuntimeException: com.sun.mail.smtp.SMTPSendFailedException: 530 5.7.0 Must issue a STARTTLS command first. g66sm55412571yhd.11 - gsmtp
at servlet.Main.service(Main.java:226)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(UnkNown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(UnkNown Source)
at java.lang.Thread.run(UnkNown Source)
Caused by: com.sun.mail.smtp.SMTPSendFailedException: 530 5.7.0 Must issue a STARTTLS command first. g66sm55412571yhd.11 - gsmtp
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:2108)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:1609)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:1117)
at javax.mail.Transport.send0(Transport.java:195)
at javax.mail.Transport.send(Transport.java:124)
at servlet.Main.service(Main.java:221)
... 17 more
Attribute code:
Properties props = new Properties();
props.put("mail.smtp.host","smtp.gmail.com");
props.put("mail.smtp.socketFactory.port","465");
props.put("mail.smtp.socketFactory.class","javax.net.ssl.SSLSocketFactory");
props.put("mail.smtp.auth","true");
props.put("mail.smtp.port","465");
I can't send such an email (I'm not sure why) What should I do?
– edit –
Import the Google SMTP certificate into my keystore and change the port and properties to:
Properties props = new Properties();
props.put("mail.smtp.host",sslsocketfactory);
props.put("mail.smtp.auth","465");
props.put("mail.smtp.ssl.enable","true");
props.put("mail.smtp.starttls.enable","true");
Change my output to:
DEBUG: setDebug: JavaMail version 1.4.7
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,isSSL true
Jul 10,2013 8:26:46 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [servletMain] in context with path [/servicotcc] threw exception
java.lang.RuntimeException: javax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com,port: 465;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building Failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at servlet.Main.service(Main.java:229)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(UnkNown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(UnkNown Source)
at java.lang.Thread.run(UnkNown Source)
Caused by: javax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com,port: 465;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building Failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1961)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:654)
at javax.mail.Service.connect(Service.java:317)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at servlet.Main.service(Main.java:224)
... 17 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building Failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(UnkNown Source)
at sun.security.ssl.SSLSocketImpl.fatal(UnkNown Source)
at sun.security.ssl.Handshaker.fatalSE(UnkNown Source)
at sun.security.ssl.Handshaker.fatalSE(UnkNown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(UnkNown Source)
at sun.security.ssl.ClientHandshaker.processMessage(UnkNown Source)
at sun.security.ssl.Handshaker.processLoop(UnkNown Source)
at sun.security.ssl.Handshaker.process_record(UnkNown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(UnkNown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(UnkNown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(UnkNown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(UnkNown Source)
at com.sun.mail.util.socketFetcher.configureSSLSocket(SocketFetcher.java:549)
at com.sun.mail.util.socketFetcher.createSocket(SocketFetcher.java:354)
at com.sun.mail.util.socketFetcher.getSocket(SocketFetcher.java:237)
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1927)
... 24 more
Caused by: sun.security.validator.ValidatorException: PKIX path building Failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(UnkNown Source)
at sun.security.validator.PKIXValidator.engineValidate(UnkNown Source)
at sun.security.validator.Validator.validate(UnkNown Source)
at sun.security.ssl.x509trustmanagerImpl.validate(UnkNown Source)
at sun.security.ssl.x509trustmanagerImpl.checkTrusted(UnkNown Source)
at sun.security.ssl.x509trustmanagerImpl.checkServerTrusted(UnkNown Source)
... 36 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(UnkNown Source)
at java.security.cert.CertPathBuilder.build(UnkNown Source)
... 42 more
Solution
Get rid of the socket factory stuff:
See these Gmail examples
Gmail certificates need to be located in your trust store, not your key store
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
二维码