java - JavaMail SSL with no Authentication trust certificate regardless -
i have local mail server (hmailserver) ssl (port 465) , self-signed certificate.
domain "foobar.com"
i have setup properties
enable ssl, disable auth, , trust host
props.put("mail.smtp.auth", "false"); props.put("mail.smtp.ssl.enable", "true"); props.put("mail.smtp.ssl.trust", "*");
if send message through static call transport.send()
email gets delivered.
if try transport
instance session get
javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target
how static call avoids sslhandshakeexception?
here's tester code:
public static void main(string[] args) throws exception { properties props = new properties(); props.put("mail.smtp.host", "127.0.0.1"); props.put("mail.debug", "false"); props.put("mail.smtp.port", "465"); props.put("mail.smtp.timeout", "60000"); props.put("mail.smtp.auth", "false"); props.put("mail.smtp.sendpartial", "true"); props.put("mail.smtp.ssl.enable", "true"); props.put("mail.smtp.ssl.trust", "*"); session session = session.getinstance(props); message message = new mimemessage(session); message.setfrom(new internetaddress("mrfoo@foobar.com")); message.setrecipients(message.recipienttype.to, internetaddress.parse("you@foobar.com")); message.setsubject("just test " + new date()); message.settext("hello world"); //comment , uncomment test transport.send(message, message.getallrecipients()); //transport t = session.gettransport("smtps"); //t.connect(); //t.sendmessage(message, message.getallrecipients()); //t.close(); }
this local system hidden outside, not worried man in middle attack generating own certificates bypass ssl handshake...
you asked "smtps" transport. set properties "smtp" transport. since you've set "mail.smtp.ssl.enable" property "true", can ask "smtp" transport , use ssl.
Comments
Post a Comment