JavaMail配置SSL服务器及安装证书

欣水寓言

浏览: 1155253 次
性别:
来自: 上海

最近访客更多访客>>

u010475842

51414381

Jacen_Wang

rocex

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

Java

Java SUN Security .net Spring

客户给的邮件服务器要SSL，使用Spring的JavaMailSenderImpl，Spring配置如下

<bean id="javaMailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">  
    <property name="host" value="${mail.smtp.host}" />  
    <property name="username" value="${mail.smtp.username}" />  
    <property name="password" value="${mail.smtp.password}" />  
    <property name="port" value="${mail.smtp.port}" />  
    <property name="javaMailProperties">  
        <props>  
            <prop key="mail.smtp.timeout">${mail.smtp.timeout}</prop>  
            <prop key="mail.smtp.auth">${mail.smtp.auth}</prop>  
            <prop key="mail.smtp.starttls.enable">${mail.smtp.starttls.enable}</prop>  
            <prop key="mail.smtp.socketFactory.port">${mail.smtp.port}</prop>  
            <prop key="mail.smtp.socketFactory.class">javax.net.ssl.SSLSocketFactory</prop>  
            <prop key="mail.smtp.socketFactory.fallback">false</prop>  
        </props>  
    </property>  
</bean>

mail.properties内容如下

mail.smtp.host=smtp.xyz.com
mail.smtp.port=465
mail.smtp.username=alerts+abc.net
mail.smtp.password=12345678
mail.smtp.auth=true
mail.smtp.starttls.enable=true
mail.smtp.timeout=50000
mail.from=alerts@abc.net
mail.replyTo=alerts@abc.net

发送邮件时得到异常如下

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at org.springframework.mail.javamail.JavaMailSenderImpl.doSend(JavaMailSenderImpl.java:419)
    at org.springframework.mail.javamail.JavaMailSenderImpl.send(JavaMailSenderImpl.java:342)
Caused by: javax.mail.MessagingException: Exception reading response;
nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.mail.smtp.SMTPTransport.readServerResponse(SMTPTransport.java:1462)
    at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1260)
    ... 4 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
    ... 8 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
    at sun.security.validator.Validator.validate(Validator.java:218)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
    ... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
    ... 26 more

Google一下，需要保存安装证书

官方的QA http://java.sun.com/products/javamail/FAQ.html#installcert

Q: When connecting to my mail server over SSL I get an exception like "unable to find valid certification path to requested target".
A: Your server is probably using a test certificate or self-signed certificate instead of a certificate signed by a commercial Certificate Authority. You'll need to install the server's certificate into your trust store. The InstallCert program will help.

在这里 http://blogs.sun.com/andreas/entry/no_more_unable_to_find 有解决方案

用 http://blogs.sun.com/andreas/resource/InstallCert.java 的代码来安装证书

运行 java InstallCert smtp.xyz.com:465
得到jssecacerts文件后复制到jdk1.6.0_14\jre\lib\security目录

然后再发送邮件就OK了

附件是 InstallCert.java

InstallCert.zip (2.5 KB)
下载次数: 160

分享到：

IE8 中 session 管理的变化 | 玩转FusionCharts:Div层被Flash遮住

2011-02-25 13:34
浏览 5952
评论(2)
分类:企业架构
查看更多

2 楼 liguo9860 2011-10-14

我错了，我吧smtp 写成 stmp了。怪不得连不上。。。

1 楼 liguo9860 2011-10-14

谢谢，不过为什么我用这个文件生成证书的时候报错，

SSLSocket socket = (SSLSocket)factory.createSocket(host, port);
上面这句话报 Exception in thread "main" java.net.ConnectException: Connection timed out: connect错误。

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论