JavaMail中的错误:PKIX路径构建失败,无法找到请求的目标的有效证书路径
於意蕴
问题内容:
问题答案:
我正在尝试在android中构建电子邮件客户端应用程序,现在我想配置javaMail部分。
我正在尝试与imap服务器建立连接,但是我的代码出了点问题。这是我的代码:
package mailpackage;
import java.util.Properties;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Store;
public class Connection implements Runnable
{
boolean done;
public Connection()
{
this.done=false;
}
@Override
public void run()
{
System.out.println("Hello from Connection Thread!");
while(!done)
{
String host = "myhost";// change accordingly
String mailStoreType = "imap";
String username = "myusername";// change accordingly
String password = "mypasswd";// change accordingly
check(host, mailStoreType, username, password);
}
}
public static void receiveEmail(String host, String storeType, String username, String password)
{
try
{
Properties properties = new Properties();
properties.put("mail.imap.com", host);
properties.put("mail.imap.starttls.enable","true");
properties.put("mail.imap.auth", "true"); // If you need to authenticate
// Use the following if you need SSL
properties.put("mail.imap.socketFactory.port", 993);
properties.put("mail.imap.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
properties.put("mail.imap.socketFactory.fallback", "false");
Session emailSession = Session.getDefaultInstance(properties);
emailSession.setDebug(true);
//2) create the IMAP store object and connect with the Imap server
IMAPStore emailStore = (IMAPStore) emailSession.getStore(storeType);
emailStore.connect(host, username, password);
//3) create the folder object and open it
Folder emailFolder = emailStore.getFolder("INBOX");
emailFolder.open(Folder.READ_ONLY);
//4) retrieve the messages from the folder in an array and print it
Message[] messages = emailFolder.getMessages();
for (int i = 0; i <messages.length; i++)
{
Message message = messages[i];
MimeMessage m = new MimeMessage(emailSession);
m.setContent(((MimeMessage)messages[i]).getContent() , "text/plain; charset=UTF-8");
System.out.println("---------------------------------");
System.out.println("Email Number " + (i + 1));
System.out.println("Subject: " + message.getSubject());
System.out.println("From: " + message.getFrom()[0]);
System.out.println("Text: " + message.getContent().toString());
m.writeTo(System.out);
}
//5) close the store and folder objects
emailFolder.close(false);
emailStore.close();
}
catch (NoSuchProviderException e) {e.printStackTrace();}
catch (MessagingException e) {e.printStackTrace();}
catch (IOException e) {e.printStackTrace();}
}
public void stopThread()
{
this.done=true;
}
}
我从这样的另一个类调用线程
connec=new Connection();
(new Thread(connec)).start();
我收到以下错误:
javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:571)
at javax.mail.Service.connect(Service.java:288)
at javax.mail.Service.connect(Service.java:169)
at mailpackage.Connection.check(Connection.java:63)
at mailpackage.Connection.run(Connection.java:33)
at java.lang.Thread.run(Thread.java:744)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
at com.sun.mail.util.TraceInputStream.read(TraceInputStream.java:110)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:235)
at java.io.BufferedInputStream.read(BufferedInputStream.java:254)
at com.sun.mail.iap.ResponseInputStream.readResponse(ResponseInputStream.java:98)
at com.sun.mail.iap.Response.<init>(Response.java:96)
at com.sun.mail.imap.protocol.IMAPResponse.<init>(IMAPResponse.java:61)
at com.sun.mail.imap.protocol.IMAPResponse.readResponse(IMAPResponse.java:135)
at com.sun.mail.imap.protocol.IMAPProtocol.readResponse(IMAPProtocol.java:261)
at com.sun.mail.iap.Protocol.<init>(Protocol.java:114)
at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:104)
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:538)
... 5 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 29 more
我阅读了一些有关PKIX路径错误的信息,该错误说将证书作为受信任的证书添加到Java存储中,但是我不知道这是否是解决方案,如果是这样,我也不知道该怎么做。
//我无权访问邮件服务器
有什么建议?谢谢!
问题答案:
好的问题解决了!
解决方案是这样的:
首先通过openssl从邮件服务器获取自签名证书:
echo | openssl s_client -connect yoursever:port 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > yourcert.pem
然后将yourcert.pem文件保存到此路径/ Library / Java / Home / lib /
security(在macOSX上),然后将cert文件放入这样的cacert中
keytool -keystore cacerts -importcert -alias youralias -file yourcert.pem
默认密钥库密码为changeit
您可以查看使用此命令显示的证书指纹所做的更改。
keytool -list -keystore cacerts
之后,您应该在VM中传递这些参数
(对于Windows和Linux,请在“”之间键入yourpath)
-Djavax.net.ssl.trustStore="/Library/Java/Home/lib/security/cacerts"
-Djavax.net.ssl.trustStorePassword="changeit"
对于调试:
-Djava.security.debug=certpath
-Djavax.net.debug=trustmanager
类似资料:
-
我正在使用WSO2 API管理器和Keyclope服务器进行API网关和用户身份验证。两者都在Openshift 3.11上运行。在浏览器上,尝试重定向到wso2 apim上的存储页面时出现以下错误。此外,我正在为这两个服务器使用一个使用keytool生成的自签名证书,它还分别导入到JVM cacerts中。Open JDK版本为1.8。 我在使用javax时遇到了致命的问题。网ssl。SSLEx
-
我在Glassfish上有一个使用GoDaddy SSL证书的JAVA EE webapp。HTTP侦听器重定向到HTTPS侦听器。 我正在尝试让从Googlebot爬虫的网络应用程序中获取页面。该代码在未启用SSL的暂存服务器上按预期工作。但是,在具有GoDaddy SSL证书的实时服务器上,当尝试获取网页时,我会收到以下错误。 我已经尝试了这里指定的解决方法(http://www.mkyong
-
我正在尝试使用twitter4j库为我的Java项目获取tweets,该项目使用(可以在stack trace中看到)。在第一次运行时,我收到一个关于证书和的错误。然后我通过以下方式添加了twitter证书: 但没有成功。下面是获取Tweets的程序: 这里有一个错误:
-
连接Ex:javax.net.ssl.sslHandShakeException:Sun.Security.Validator.ValidatoreXception:PKIX路径构建失败:Sun.Security.Provider.CertPath.SunCertPathBuilderException:找不到请求目标的有效证书路径 代码:
-
问题内容: 我正在尝试为我的Java项目使用twitter4j库获取推文。在我的第一次运行中,我得到了关于证书和的错误。然后我通过以下方式添加了Twitter证书: 但是没有成功。这是获取推文的过程: 这是错误: 问题答案: 在你的firefox浏览器中转到URL,单击HTTPS证书链(URL地址旁边的锁定图标)。点击。提取名称,然后选择文件类型。现在,你有了带有密钥库的文件,并且必须将其添加到J
-
我正在使用eclipse,在尝试执行此函数时,出现了以下错误。 我想发送一个GET请求以及证书和密钥。我可以下载任何格式的证书,所以这不是问题。我知道我需要将此添加到java keystone中,但在尝试了各种建议后,我仍然无法修复此问题。 下面是错误-