JavaMail SSL，不带身份验证信任证书，无论如何 [英] JavaMail SSL with no Authentication trust certificate regardless

问题描述

我有一个具有SSL(端口465)和自签名证书的本地邮件服务器(hMailServer).

I have a local mail server (hMailServer) with SSL (port 465) and a self-signed certificate.

域为"foobar.com"

Domain is "foobar.com"

我已将Properties设置为启用ssl，禁用身份验证并信任任何主机

I have setup my Properties to enable ssl, disable auth, and trust any host

    props.put("mail.smtp.auth", "false");
    props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.ssl.trust", "*");

如果我通过静态调用将消息发送给Transport.send() 电子邮件已送达.

If I send the message through the static call to Transport.send() The email gets delivered.

如果我尝试从会话中获取transport实例，那么我会得到

If I try to get a transport instance from the session then I get

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

静态调用如何避免SSLHandshakeException?

这是我的测试人员代码:

Here's my tester code:

public static void main(String[] args) throws Exception {
    Properties props = new Properties();
    props.put("mail.smtp.host", "127.0.0.1");
    props.put("mail.debug", "false");
    props.put("mail.smtp.port", "465");
    props.put("mail.smtp.timeout", "60000");
    props.put("mail.smtp.auth", "false");
    props.put("mail.smtp.sendpartial", "true");
    props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.ssl.trust", "*");
    Session session = Session.getInstance(props);
    Message message = new MimeMessage(session);
    message.setFrom(new InternetAddress("mrFoo@foobar.com"));
    message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("you@foobar.com"));
    message.setSubject("Just a Test " + new Date());
    message.setText("Hello World");

    //Comment and uncomment to test   
    Transport.send(message, message.getAllRecipients());

    //Transport t = session.getTransport("smtps");
    //t.connect();
    //t.sendMessage(message, message.getAllRecipients());
    //t.close();
}

这是一个隐藏在外部的本地系统，因此我不担心中间攻击的人会生成自己的证书来绕过SSL握手...

This is a local system hidden from the outside, so I am not worried about man in the middle attack generating their own certificates to bypass the SSL Handshake...

推荐答案

您要求"smtps"传输.设置"smtp"传输的属性.由于已将"mail.smtp.ssl.enable"属性设置为"true"，因此您只需请求"smtp"传输，它将使用SSL.

You asked for an "smtps" transport. You set the properties for the "smtp" transport. Since you've set the "mail.smtp.ssl.enable" property to "true", you can just ask for an "smtp" transport and it will use SSL.

这篇关于JavaMail SSL，不带身份验证信任证书，无论如何的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！