javaMail MessagingException CertPathValidatorException
来源:互联网 发布:java连接池 编辑:程序博客网 时间:2024/06/07 19:09
W/System.err(2347): javax.mail.MessagingException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.; W/System.err(2347): nested exception is: W/System.err(2347): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. W/System.err(2347): at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:571) W/System.err(2347): at javax.mail.Service.connect(Service.java:288) W/System.err(2347): at javax.mail.Service.connect(Service.java:169) W/System.err(2347): at com.jiangmen.zdaiapp.zconn.ConnectUtils.login(ConnectUtils.java:56) W/System.err(2347): at com.jiangmen.zdaiapp.login.SpActivity$4.run(SpActivity.java:165) W/System.err(2347): at java.lang.Thread.run(Thread.java:841) W/System.err(2347): Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. W/System.err(2347): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:410) W/System.err(2347): at com.android.org.conscrypt.OpenSSLSocketImpl$SSLInputStream.<init>(OpenSSLSocketImpl.java:661) W/System.err(2347): at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:632) W/System.err(2347): at com.sun.mail.iap.Protocol.initStreams(Protocol.java:132) W/System.err(2347): at com.sun.mail.iap.Protocol.<init>(Protocol.java:111) W/System.err(2347): at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:104) W/System.err(2347): at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:538) W/System.err(2347): ... 5 more W/System.err(2347): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. W/System.err(2347): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:288) W/System.err(2347): at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:208) W/System.err(2347): at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:611) W/System.err(2347): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) W/System.err(2347): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:406) W/System.err(2347): ... 11 more W/System.err(2347): Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. W/System.err(2347): ... 16 more
方案一:忽略证书验证:(我使用的是这个,store.connect连接成功)
String SSL_SOCKET_FACTORY_OVERRIADE="com.jiangmen.zdaiapp.login.ssl.DummySSLSocketFactory";String SSL_FACTORY = "javax.net.ssl.SSLSocketFactory";Security.setProperty("ssl.SocketFactory.provider", SSL_SOCKET_FACTORY_OVERRIADE);Properties imapSSLProp = System.getProperties();imapSSLProp.setProperty("mail.imap.socketFactory.port", port);imapSSLProp.setProperty("mail.imap.port", port);imapSSLProp.setProperty("mail.imap.host", host);imapSSLProp.setProperty("mail.store.protocol", protocol);//2017-12-15-start-certificate check---STARTimapSSLProp.setProperty("mail.imap.starttls.enable", "false");//Disable TLSimapSSLProp.setProperty("mail.imaps.class", "com.sun.mail.imap.IMAPSSLStore");imapSSLProp.setProperty("mail.debug", "true"); imapSSLProp.setProperty("mail.imap.socketFactory.fallback ", "false");// Use SSLimapSSLProp.setProperty("mail.imap.ssl.checkserveridentity", "false");imapSSLProp.setProperty("mail.imap.ssl.trust", "*");imapSSLProp.setProperty("mail.imap.socketFactory.class", SSL_SOCKET_FACTORY_OVERRIADE);////2017-12-15-start-certificate check-----ENDSession session=Session.getDefaultInstance(imapSSLProp);session.setDebug(false);Store store = session.getStore(protocol);// setSslSocketFactorystore.connect(host, user, password);
使用的代码:
1.DummySSLSocketFactory
import java.io.IOException;import java.net.InetAddress;import java.net.Socket;import javax.net.SocketFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSocketFactory;import javax.net.ssl.TrustManager;public class DummySSLSocketFactory extends SSLSocketFactory { private SSLSocketFactory factory; public DummySSLSocketFactory() { try { SSLContext sslcontext = SSLContext.getInstance( "TLS"); sslcontext.init( null, // No KeyManager required new TrustManager[] { (TrustManager) new DummyTrustManager()}, new java.security.SecureRandom()); factory = ( SSLSocketFactory) sslcontext.getSocketFactory(); } catch( Exception ex) { ex.printStackTrace(); } } public static SocketFactory getDefault() { return new DummySSLSocketFactory(); } public Socket createSocket() throws IOException { return factory.createSocket(); } public Socket createSocket( Socket socket, String s, int i, boolean flag) throws IOException { return factory.createSocket( socket, s, i, flag); } public Socket createSocket( InetAddress inaddr, int i, InetAddress inaddr1, int j) throws IOException { return factory.createSocket( inaddr, i, inaddr1, j); } public Socket createSocket( InetAddress inaddr, int i) throws IOException { return factory.createSocket( inaddr, i); } public Socket createSocket( String s, int i, InetAddress inaddr, int j) throws IOException { return factory.createSocket( s, i, inaddr, j); } public Socket createSocket( String s, int i) throws IOException { return factory.createSocket( s, i); } public String[] getDefaultCipherSuites() { return factory.getSupportedCipherSuites(); } public String[] getSupportedCipherSuites() { return factory.getSupportedCipherSuites(); }}2.DummyTrustManager
import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.ssl.X509TrustManager;//import com.sun.net.ssl.X509TrustManager;public class DummyTrustManager implements X509TrustManager{ public boolean isClientTrusted( X509Certificate[] cert) { return true; } public boolean isServerTrusted( X509Certificate[] cert) { return true; } public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[ 0]; }@Overridepublic void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {// TODO Auto-generated method stub}@Overridepublic void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {// TODO Auto-generated method stub}}方案二:使用证书(首先我没验证成功),大概生成证书步骤如下:
smtp和imap 都一样,将imap替换成smtp就可以了
1、下载InstallCert.java 文件(后面会粘贴)
2、打开cmd命令,进入InstallCert.java所在目录;
3、输入命令:javac InstallCert.java 将java文件编译成class;
4、输入命令:java InstallCert imap.ctsat.com:993 进行加载:imap 下的 ctsat邮箱后缀,端口号993 进行编译
5、编译后询问"Enter certificate to add to trusted keystore or 'q' to quit: [1]" 现在直接按回车即可,
6、最后生成文件jssecacerts ( Added certificate to keystore 'jssecacerts' using alias 'imap.ctsat.com-1')
7、得到jssecacerts文件后复制到jdk1.6.0_14\jre\lib\security目录 就可以了;
(或者使用imapSSLProp.setProperty("javax.net.ssl.trustStore","file:///android_asset/jssecacerts"); //我使用的是这个 但是没有成功)
cmd命令如下:
1.
2.........
3........
代码附录
1.InstallCert.java
/* * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * - Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * - Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * - Neither the name of Sun Microsystems nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */import java.io.*;import java.net.URL;import java.security.*;import java.security.cert.*;import javax.net.ssl.*;public class InstallCert { public static void main(String[] args) throws Exception {String host;int port;char[] passphrase;if ((args.length == 1) || (args.length == 2)) { String[] c = args[0].split(":"); host = c[0]; port = (c.length == 1) ? 443 : Integer.parseInt(c[1]); String p = (args.length == 1) ? "changeit" : args[1]; passphrase = p.toCharArray();} else { System.out.println("Usage: java InstallCert <host>[:port] [passphrase]"); return;}File file = new File("jssecacerts");if (file.isFile() == false) { char SEP = File.separatorChar; File dir = new File(System.getProperty("java.home") + SEP + "lib" + SEP + "security"); file = new File(dir, "jssecacerts"); if (file.isFile() == false) {file = new File(dir, "cacerts"); }}System.out.println("Loading KeyStore " + file + "...");InputStream in = new FileInputStream(file);KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());ks.load(in, passphrase);in.close();SSLContext context = SSLContext.getInstance("TLS");TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());tmf.init(ks);X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[0];SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);context.init(null, new TrustManager[] {tm}, null);SSLSocketFactory factory = context.getSocketFactory();System.out.println("Opening connection to " + host + ":" + port + "...");SSLSocket socket = (SSLSocket)factory.createSocket(host, port);socket.setSoTimeout(10000);try { System.out.println("Starting SSL handshake..."); socket.startHandshake(); socket.close(); System.out.println(); System.out.println("No errors, certificate is already trusted");} catch (SSLException e) { System.out.println(); e.printStackTrace(System.out);}X509Certificate[] chain = tm.chain;if (chain == null) { System.out.println("Could not obtain server certificate chain"); return;}BufferedReader reader =new BufferedReader(new InputStreamReader(System.in));System.out.println();System.out.println("Server sent " + chain.length + " certificate(s):");System.out.println();MessageDigest sha1 = MessageDigest.getInstance("SHA1");MessageDigest md5 = MessageDigest.getInstance("MD5");for (int i = 0; i < chain.length; i++) { X509Certificate cert = chain[i]; System.out.println (" " + (i + 1) + " Subject " + cert.getSubjectDN()); System.out.println(" Issuer " + cert.getIssuerDN()); sha1.update(cert.getEncoded()); System.out.println(" sha1 " + toHexString(sha1.digest())); md5.update(cert.getEncoded()); System.out.println(" md5 " + toHexString(md5.digest())); System.out.println();}System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");String line = reader.readLine().trim();int k;try { k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;} catch (NumberFormatException e) { System.out.println("KeyStore not changed"); return;}X509Certificate cert = chain[k];String alias = host + "-" + (k + 1);ks.setCertificateEntry(alias, cert);OutputStream out = new FileOutputStream("jssecacerts");ks.store(out, passphrase);out.close();System.out.println();System.out.println(cert);System.out.println();System.out.println("Added certificate to keystore 'jssecacerts' using alias '"+ alias + "'"); } private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray(); private static String toHexString(byte[] bytes) {StringBuilder sb = new StringBuilder(bytes.length * 3);for (int b : bytes) { b &= 0xff; sb.append(HEXDIGITS[b >> 4]); sb.append(HEXDIGITS[b & 15]); sb.append(' ');}return sb.toString(); } private static class SavingTrustManager implements X509TrustManager {private final X509TrustManager tm;private X509Certificate[] chain;SavingTrustManager(X509TrustManager tm) { this.tm = tm;}public X509Certificate[] getAcceptedIssuers() { throw new UnsupportedOperationException();}public void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException { throw new UnsupportedOperationException();}public void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException { this.chain = chain; tm.checkServerTrusted(chain, authType);} }}
阅读全文
0 0
- javaMail MessagingException CertPathValidatorException
- javamail javax.mail.MessagingException: Could not connect to SMTP host:
- javamail linux 下报错javax.mail.MessagingException: 500 Error: bad syntax
- 在Linux下使用JavaMail发送邮件报错:javax.mail.MessagingException: Unknown SMTP host:
- 解决JavaMail 发送邮件javax.mail.MessagingException: 501 Syntax: HELO hostname问题
- JavaMail - javax.mail.MessagingException 解决java邮件有时候发送失败的错误
- 解决使用JavaMail发送邮件报错javax.mail.MessagingException: 500 Error: bad syntax
- javax.mail.MessagingException: 501
- JavaMail
- JavaMail
- javaMail
- JavaMail
- javamail
- javamail
- javamail
- JAVAMAIL
- javamail
- JavaMail
- ROS多机通信/在多台机器上使用ROS系统/多台电脑使用同一个主节点ROS master/ROS多机ssh通信
- okhttp框架解析
- Vim实用技巧高清完整版PDF中文
- 使用Harr级联分类器检测人脸(包括眼睛)
- 关于js中同步加载
- javaMail MessagingException CertPathValidatorException
- IntelliJ IDEA---Live Templates
- Ubuntu16.04使用pip3和pip安装numpy,scipy,matplotlib等第三方库
- setContentView()探秘二
- mysql大量数据迁移
- mysql如何根据select结果进行二次连接查询
- iOS App直接调用SafariController,不跳转到Safari浏览器
- CSDN第一篇博客
- mysql日期、时间函数