JavaMail配置SSL服务器及安装证书

阅读更多

客户给的邮件服务器要SSL,使用Spring的JavaMailSenderImpl,Spring配置如下

 


	
	
	
	
	
		
			${mail.smtp.timeout}
			${mail.smtp.auth}
		 	${mail.smtp.starttls.enable}
			${mail.smtp.port}
			javax.net.ssl.SSLSocketFactory
			false
		
	
 

mail.properties内容如下

 

mail.smtp.host=smtp.xyz.com
mail.smtp.port=465
mail.smtp.username=alerts+abc.net
mail.smtp.password=12345678
mail.smtp.auth=true
mail.smtp.starttls.enable=true
mail.smtp.timeout=50000
[email protected]
[email protected]

 

发送邮件时得到异常如下

 

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at org.springframework.mail.javamail.JavaMailSenderImpl.doSend(JavaMailSenderImpl.java:419)
    at org.springframework.mail.javamail.JavaMailSenderImpl.send(JavaMailSenderImpl.java:342)
Caused by: javax.mail.MessagingException: Exception reading response;
  nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.mail.smtp.SMTPTransport.readServerResponse(SMTPTransport.java:1462)
    at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1260)
    ... 4 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
    ... 8 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
    at sun.security.validator.Validator.validate(Validator.java:218)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
    ... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
    ... 26 more

 

Google一下,需要保存安装证书

 

官方的QA http://java.sun.com/products/javamail/FAQ.html#installcert

 

Q: When connecting to my mail server over SSL I get an exception like "unable to find valid certification path to requested target".
A: Your server is probably using a test certificate or self-signed certificate instead of a certificate signed by a commercial Certificate Authority. You'll need to install the server's certificate into your trust store. The InstallCert program will help.

 

在这里 http://blogs.sun.com/andreas/entry/no_more_unable_to_find 有解决方案

 

用 http://blogs.sun.com/andreas/resource/InstallCert.java 的代码来安装证书

 

运行 java InstallCert smtp.xyz.com:465
得到jssecacerts文件后复制到jdk1.6.0_14\jre\lib\security目录

 

然后再发送邮件就OK了

 

附件是 InstallCert.java

  • InstallCert.zip (2.6 KB)
  • 下载次数: 1154

你可能感兴趣的:(Java,SUN,Security,.net,Spring)