JavaMail中的错误:PKIX路径构建失败无法找到请求目标的有效认证路径 [英] Error in JavaMail : PKIX path building failed unable to find valid certification path to requested target
问题描述
我正在尝试建立与imap的连接服务器,但是我的代码有问题。
这里是我的代码:
package mailpackage;
import java.util.Properties;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Store;
public class Connection实现Runnable
{
boolean done;
public Connection()
{
this.done = false;
}
@Override
public void run()
{
System.out.println(Connection from Connection Thread!);
while(!done)
{
String host =myhost; //相应更改
String mailStoreType =imap;
String username =myusername; //相应更改
String password =mypasswd; //相应更改
check(host,mailStoreType,username,password);
}
}
public static void receiveEmail(String host,String storeType,String username,String password)
{
try
{
属性属性= new Properties();
properties.put(mail.imap.com,主机);
properties.put(mail.imap.starttls.enable,true);
properties.put(mail.imap.auth,true); //如果需要验证
//如果您需要SSL
properties.put(mail.imap.socketFactory.port,993);请使用以下命令。
properties.put(mail.imap.socketFactory.class,javax.net.ssl.SSLSocketFactory);
properties.put(mail.imap.socketFactory.fallback,false);
会话emailSession = Session.getDefaultInstance(properties);
emailSession.setDebug(true);
// 2)创建IMAP存储对象并与Imap服务器连接
IMAPStore emailStore =(IMAPStore)emailSession.getStore(storeType);
emailStore.connect(host,username,password);
// 3)创建文件夹对象并打开它
文件夹emailFolder = emailStore.getFolder(INBOX);
emailFolder.open(Folder.READ_ONLY);
// 4)从数组中的文件夹中获取消息并打印
消息[] messages = emailFolder.getMessages(); (int i = 0; i< messages.length; i ++)
{
消息消息=消息[i];
MimeMessage m = new MimeMessage(emailSession);
m.setContent(((MimeMessage)messages [i])。getContent(),text / plain; charset = UTF-8);
System.out.println(---------------------------------);
System.out.println(电子邮件号+(i + 1));
System.out.println(Subject:+ message.getSubject());
System.out.println(From:+ message.getFrom()[0]);
System.out.println(Text:+ message.getContent()。toString());
m.writeTo(System.out);
}
// 5)关闭商店和文件夹对象
emailFolder.close(false);
emailStore.close();
}
catch(NoSuchProviderException e){e.printStackTrace();}
catch(MessagingException e){e.printStackTrace();}
catch(IOException e){e.printStackTrace();}
}
public void stopThread()
{
this.done = true;
}
}
我从另一个类调用线程, p>
connec = new Connection();
(new Thread(connec))。start();
我收到以下错误:
javax.mail.MessagingException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效认证路径;
嵌套异常是:
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到有效的认证路径请求目标
在com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:571)
在javax.mail.Service.connect(Service.java:288)
在javax .mail.Service.connect(Service.java:169)
在mailpackage.Connection.check(Connection.java:63)
在mailpackage.Connection.run(Connection.java:33)
java.lang.Thread.run(Thread.java:744)
导致:javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider。 certpath.SunCertPathBuilderException:无法找到有效的认证路径到请求的目标
在sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl .J ava:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker .processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016 )
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)
at sun。 security.ssl.AppInputStream.read(AppInputStream.java:102)
在com.sun.mail.util.TraceInputStream.read(TraceInputStream.java:110)
在java.io.BufferedInputStream.fill( BufferedInputStream.java:235)
在java.io.BufferedInputStream.re ad(BufferedInputStream.java:254)
在com.sun.mail.iap.ResponseInputStream.readResponse(ResponseInputStream.java:98)
在com.sun.mail.iap.Response。< init> (Response.java:96)
在com.sun.mail.imap.protocol.IMAPResponse。< init>(IMAPResponse.java:61)
在com.sun.mail.imap.protocol。 IMAPResponse.readResponse(IMAPResponse.java:135)
在com.sun.mail.imap.protocol.IMAPProtocol.readResponse(IMAPProtocol.java:261)
在com.sun.mail.iap.Protocol。 < init>(Protocol.java:114)
在com.sun.mail.imap.protocol.IMAPProtocol。< init>(IMAPProtocol.java:104)
在com.sun.mail。 IMAPPS.ProtocolConnect :无法找到有效的认证路径请求目标
在sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl。 X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java: 126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 23更多
导致:sun.security.provider.certpath.SunCertPathBuilderException:无法在sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)上找到请求的目标
的有效证书路径
在java.security.cert.CertPathBuilder.build(CertPathBuilder.java: 268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 29更多
我读了一些关于PKIX路径错误的内容,它将证书添加到java存储区作为受信任的证书,但我不知道这是否是解决方案,如果我不知道如何做
//我没有访问邮件服务器
任何建议?谢谢!
确定问题解决!
< >解决方案是:
首先通过openssl从邮件服务器获取自签名证书:
echo | openssl s_client -connect yoursever:port 2>& 1 | sed -ne'/ -BEGIN CERTIFICATE - /,/ - END CERTIFICATE- / p'> yourcert.pem
然后将yourcert.pem文件保存到此路径/ Library / Java / Home / lib / security(在macOSX上),并将证书文件放入cacerts,如下所示
keytool -keystore cacerts -importcert -alias youralias - 文件yourcert.pem
默认密钥库密码为changeit
您可以查看使用此命令显示证书指纹的更改。
keytool -list -keystore cacerts
此后,您应该在VM中传递这些参数
(对于Windows和linux类型你的路径)
-Djavax.net.ssl.trustStore =/ Library / Java / Home / lib / security / cacerts / code>
-Djavax.net.ssl.trustStorePassword =changeit
对于调试:
-Djava.security.debug = certpath
-Djavax.net.debug = trustmanager
I am trying to build an email client app in android and right now i want to configure the javaMail part.
i am trying to establish the connection with the imap server but something is wrong with my code.. here is my code:
package mailpackage;
import java.util.Properties;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Store;
public class Connection implements Runnable
{
boolean done;
public Connection()
{
this.done=false;
}
@Override
public void run()
{
System.out.println("Hello from Connection Thread!");
while(!done)
{
String host = "myhost";// change accordingly
String mailStoreType = "imap";
String username = "myusername";// change accordingly
String password = "mypasswd";// change accordingly
check(host, mailStoreType, username, password);
}
}
public static void receiveEmail(String host, String storeType, String username, String password)
{
try
{
Properties properties = new Properties();
properties.put("mail.imap.com", host);
properties.put("mail.imap.starttls.enable","true");
properties.put("mail.imap.auth", "true"); // If you need to authenticate
// Use the following if you need SSL
properties.put("mail.imap.socketFactory.port", 993);
properties.put("mail.imap.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
properties.put("mail.imap.socketFactory.fallback", "false");
Session emailSession = Session.getDefaultInstance(properties);
emailSession.setDebug(true);
//2) create the IMAP store object and connect with the Imap server
IMAPStore emailStore = (IMAPStore) emailSession.getStore(storeType);
emailStore.connect(host, username, password);
//3) create the folder object and open it
Folder emailFolder = emailStore.getFolder("INBOX");
emailFolder.open(Folder.READ_ONLY);
//4) retrieve the messages from the folder in an array and print it
Message[] messages = emailFolder.getMessages();
for (int i = 0; i <messages.length; i++)
{
Message message = messages[i];
MimeMessage m = new MimeMessage(emailSession);
m.setContent(((MimeMessage)messages[i]).getContent() , "text/plain; charset=UTF-8");
System.out.println("---------------------------------");
System.out.println("Email Number " + (i + 1));
System.out.println("Subject: " + message.getSubject());
System.out.println("From: " + message.getFrom()[0]);
System.out.println("Text: " + message.getContent().toString());
m.writeTo(System.out);
}
//5) close the store and folder objects
emailFolder.close(false);
emailStore.close();
}
catch (NoSuchProviderException e) {e.printStackTrace();}
catch (MessagingException e) {e.printStackTrace();}
catch (IOException e) {e.printStackTrace();}
}
public void stopThread()
{
this.done=true;
}
}
I call the thread from another class like this
connec=new Connection();
(new Thread(connec)).start();
I get the Following errors:
javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:571)
at javax.mail.Service.connect(Service.java:288)
at javax.mail.Service.connect(Service.java:169)
at mailpackage.Connection.check(Connection.java:63)
at mailpackage.Connection.run(Connection.java:33)
at java.lang.Thread.run(Thread.java:744)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
at com.sun.mail.util.TraceInputStream.read(TraceInputStream.java:110)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:235)
at java.io.BufferedInputStream.read(BufferedInputStream.java:254)
at com.sun.mail.iap.ResponseInputStream.readResponse(ResponseInputStream.java:98)
at com.sun.mail.iap.Response.<init>(Response.java:96)
at com.sun.mail.imap.protocol.IMAPResponse.<init>(IMAPResponse.java:61)
at com.sun.mail.imap.protocol.IMAPResponse.readResponse(IMAPResponse.java:135)
at com.sun.mail.imap.protocol.IMAPProtocol.readResponse(IMAPProtocol.java:261)
at com.sun.mail.iap.Protocol.<init>(Protocol.java:114)
at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:104)
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:538)
... 5 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 29 more
i read something about PKIX path error that says to add the cert to java store as a trusted cert, but i dont know if this is the solution for this, and if it is i dont know how to do it.
// i dont have access to the mail server
Any suggestions? thanks!
Ok problem solved!
The solution is this:
First get the self-signed certificate from the mail server via openssl:
echo | openssl s_client -connect yoursever:port 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > yourcert.pem
Then save the yourcert.pem file into this path /Library/Java/Home/lib/security (on macOSX) and put the cert file into the cacerts like this
keytool -keystore cacerts -importcert -alias youralias -file yourcert.pem
The default keystore password is changeit
You can view the change that you made with this command that shows the Certificate fingerprint.
keytool -list -keystore cacerts
After this you should pass these argument in VM
(for windows and linux type yourpath between " " )
-Djavax.net.ssl.trustStore="/Library/Java/Home/lib/security/cacerts"
-Djavax.net.ssl.trustStorePassword="changeit"
For Debug:
-Djava.security.debug=certpath
-Djavax.net.debug=trustmanager
这篇关于JavaMail中的错误:PKIX路径构建失败无法找到请求目标的有效认证路径的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!