无论如何都没有身份验证信任证书的JavaMail SSL
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21488938/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
JavaMail SSL with no Authentication trust certificate regardless
提问by gtgaxiola
I have a local mail server (hMailServer) with SSL (port 465) and a self-signed certificate.
我有一个带有 SSL(端口 465)和自签名证书的本地邮件服务器 (hMailServer)。
Domain is "foobar.com"
域名是“foobar.com”
I have setup my Propertiesto enable ssl, disable auth, and trust any host
我已经设置Properties了启用 ssl、禁用身份验证和信任任何主机
props.put("mail.smtp.auth", "false");
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.ssl.trust", "*");
If I send the message through the static call to Transport.send()The email gets delivered.
如果我通过静态调用将消息发送到Transport.send()电子邮件已送达。
If I try to get a transportinstance from the session then I get
如果我尝试transport从会话中获取实例,那么我会得到
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
How does the static call avoids the SSLHandshakeException?
静态调用如何避免 SSLHandshakeException?
Here's my tester code:
这是我的测试人员代码:
public static void main(String[] args) throws Exception {
Properties props = new Properties();
props.put("mail.smtp.host", "127.0.0.1");
props.put("mail.debug", "false");
props.put("mail.smtp.port", "465");
props.put("mail.smtp.timeout", "60000");
props.put("mail.smtp.auth", "false");
props.put("mail.smtp.sendpartial", "true");
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.ssl.trust", "*");
Session session = Session.getInstance(props);
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress("[email protected]"));
message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("[email protected]"));
message.setSubject("Just a Test " + new Date());
message.setText("Hello World");
//Comment and uncomment to test
Transport.send(message, message.getAllRecipients());
//Transport t = session.getTransport("smtps");
//t.connect();
//t.sendMessage(message, message.getAllRecipients());
//t.close();
}
This is a local system hidden from the outside, so I am not worried about man in the middle attack generating their own certificates to bypass the SSL Handshake...
这是一个隐藏在外部的本地系统,所以我不担心中间人攻击生成自己的证书来绕过 SSL 握手...
采纳答案by Bill Shannon
You asked for an "smtps" transport. You set the properties for the "smtp" transport. Since you've set the "mail.smtp.ssl.enable" property to "true", you can just ask for an "smtp" transport and it will use SSL.
您要求使用“smtps”传输。您设置“smtp”传输的属性。由于您已将“mail.smtp.ssl.enable”属性设置为“true”,因此您只需请求“smtp”传输,它将使用 SSL。
回答by Paul Arer
The best solution for this is to use the following line
对此的最佳解决方案是使用以下行
MailSSLSocketFactory socketFactory = new MailSSLSocketFactory();
socketFactory.setTrustAllHosts(true);
回答by lokesh vishwas
This the solution for JavaMail SSL with no Authentication trust certificate using Spring framework, change your .xml file as describe below.You can see the solution in the snapshot See the image description here
这是使用 Spring 框架的没有身份验证信任证书的 JavaMail SSL 的解决方案,如下所述更改您的 .xml 文件。您可以在快照中看到解决方案请参阅此处的图像描述
javax.net.ssl.SSLSocketFactory true
javax.net.ssl.SSLSocketFactory true
change it to falseif you want mail server must be in ssl
如果您希望邮件服务器必须在 ssl 中,请将其更改为false
