没有身份验证信任证书的 JavaMail SSL

2022-01-17 00:00:00 smtp java jakarta-mail

我有一个带有 SSL(端口 465)和自签名证书的本地邮件服务器 (hMailServer).

I have a local mail server (hMailServer) with SSL (port 465) and a self-signed certificate.

域名是foobar.com"

Domain is "foobar.com"

我已设置我的 Properties 以启用 ssl、禁用身份验证并信任任何主机

I have setup my Properties to enable ssl, disable auth, and trust any host

    props.put("mail.smtp.auth", "false");
    props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.ssl.trust", "*");

如果我通过对 Transport.send() 的静态调用发送消息电子邮件已送达.

If I send the message through the static call to Transport.send() The email gets delivered.

如果我尝试从会话中获取 transport 实例,那么我会得到

If I try to get a transport instance from the session then I get

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

静态调用如何避免 SSLHandshakeException?

这是我的测试代码:

public static void main(String[] args) throws Exception {
    Properties props = new Properties();
    props.put("mail.smtp.host", "127.0.0.1");
    props.put("mail.debug", "false");
    props.put("mail.smtp.port", "465");
    props.put("mail.smtp.timeout", "60000");
    props.put("mail.smtp.auth", "false");
    props.put("mail.smtp.sendpartial", "true");
    props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.ssl.trust", "*");
    Session session = Session.getInstance(props);
    Message message = new MimeMessage(session);
    message.setFrom(new InternetAddress("mrFoo@foobar.com"));
    message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("you@foobar.com"));
    message.setSubject("Just a Test " + new Date());
    message.setText("Hello World");

    //Comment and uncomment to test   
    Transport.send(message, message.getAllRecipients());

    //Transport t = session.getTransport("smtps");
    //t.connect();
    //t.sendMessage(message, message.getAllRecipients());
    //t.close();
}

这是一个从外部隐藏的本地系统,所以我不担心中间人攻击生成自己的证书以绕过 SSL 握手...

This is a local system hidden from the outside, so I am not worried about man in the middle attack generating their own certificates to bypass the SSL Handshake...

推荐答案

您要求smtps"传输.您设置smtp"传输的属性.由于您已将mail.smtp.ssl.enable"属性设置为true",因此您只需请求smtp"传输,它将使用 SSL.

You asked for an "smtps" transport. You set the properties for the "smtp" transport. Since you've set the "mail.smtp.ssl.enable" property to "true", you can just ask for an "smtp" transport and it will use SSL.

相关文章