没有 ssl 的 Java 邮件 - PKIX 路径构建失败:

2022-01-17 00:00:00 smtp starttls java jakarta-mail

我正在使用 java 邮件通过 smtp 发送电子邮件.下面给出的 smtp 设置:

I am using java mail to send emails over smtp. The smtp settings given below:

        Properties props = new Properties();
        Object put = props.put("mail.smtp.host", smtpHost);
        props.put("mail.smtp.user", smtpUser);
        props.put("mail.smtp.auth", true);
        props.put("mail.debug", mailDebug);
        props.put("mail.smtp.port", port);

已通过使用上述详细信息远程登录到我的 smtpHost 验证了 smtp 凭据.但是,当我在 java 邮件中使用上述设置时,出现以下异常.

The smtp credentials have been verified by telnetting to my smtpHost with the above details. However, I get the following exception when I use the above settings in java mail.

        250-AUTH PLAIN LOGIN
        250-STARTTLS
        250 HELP
        DEBUG SMTP: Found extension "SIZE", arg "52428800"
        DEBUG SMTP: Found extension "8BITMIME", arg ""
        DEBUG SMTP: Found extension "PIPELINING", arg ""
        DEBUG SMTP: Found extension "AUTH", arg "PLAIN LOGIN"
        DEBUG SMTP: Found extension "STARTTLS", arg ""
        DEBUG SMTP: Found extension "HELP", arg ""
        DEBUG SMTP: Attempt to authenticate
        DEBUG SMTP: check mechanisms: LOGIN PLAIN DIGEST-MD5 NTLM
        DEBUG SMTP: AUTH LOGIN command trace suppressed
        DEBUG SMTP: AUTH LOGIN failed
        Nov 29, 2012 11:54:40 AM com.Test main
        SEVERE: null
        javax.mail.AuthenticationFailedException: 535 Incorrect authentication data

当我添加行时:

        props.put("mail.smtp.starttls.enable", false);

它再次生成相同的身份验证失败异常.

It again generates the same authentication failed exception.

如果我将 ma​​il.smtp.starttls.enable 设置为 true,则身份验证成功,但出现以下异常:

If I set mail.smtp.starttls.enable to true, the authentication succeeds, but I get the following exception:

     220 TLS go ahead
     Nov 28, 2012 5:32:36 PM com.Test main
     SEVERE: null
     javax.mail.MessagingException: Could not convert socket to TLS;
     nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1918)
    at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:652)
    at javax.mail.Service.connect(Service.java:317)

在浏览了有关第二个异常的各种论坛主题后,我运行了 InstallCert 程序来获取服务器的自签名证书.InstallCert 引发以下异常:

After going through various forum threads regarding the second exception, I ran the InstallCert program to fetch the server's self-signed certificate. The InstallCert throws the following exception:

            Opening connection to mydomain.com.au:443...
            Starting SSL handshake...
            javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
                    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:542)
                    at sun.security.ssl.InputRecord.read(InputRecord.java:374)
                    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:850)
                    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190)
                    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1217)
                    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1201)
                    at InstallCert.main(InstallCert.java:100)
            Could not obtain server certificate chain

所以,看起来我的服务器没有 ssl,但启用了 starttls.将开启 STARTTLS 的邮件发送到没有 ssl 的服务器的正确参数是什么?

So, looks like my server does not have ssl, but starttls is enabled. What are the correct parameters for sending mail with STARTTLS on, to a server with no ssl?

推荐答案

这个 JavaMail 常见问题条目应该会有所帮助.

尝试像这样使用 MailSSLSocketFactory:

Try using MailSSLSocketFactory like this:

  MailSSLSocketFactory sf = new MailSSLSocketFactory();
  sf.setTrustAllHosts(true);
  props.put("mail.smtp.ssl.socketFactory", sf);

相关文章