Reputation: 9331
JavaMail SSL with no Authentication trust certificate regardless
I have a local mail server (hMailServer) with SSL (port 465) and a self-signed certificate.
Domain is "foobar.com"
I have setup my Properties to enable ssl, disable auth, and trust any host
props.put("mail.smtp.auth", "false");
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.ssl.trust", "*");
If I send the message through the static call to Transport.send()
The email gets delivered.
If I try to get a transport instance from the session then I get
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
How does the static call avoids the SSLHandshakeException?
Here's my tester code:
public static void main(String[] args) throws Exception {
Properties props = new Properties();
props.put("mail.smtp.host", "127.0.0.1");
props.put("mail.debug", "false");
props.put("mail.smtp.port", "465");
props.put("mail.smtp.timeout", "60000");
props.put("mail.smtp.auth", "false");
props.put("mail.smtp.sendpartial", "true");
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.ssl.trust", "*");
Session session = Session.getInstance(props);
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress("[email protected]"));
message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("[email protected]"));
message.setSubject("Just a Test " + new Date());
message.setText("Hello World");
//Comment and uncomment to test
Transport.send(message, message.getAllRecipients());
//Transport t = session.getTransport("smtps");
//t.connect();
//t.sendMessage(message, message.getAllRecipients());
//t.close();
}
This is a local system hidden from the outside, so I am not worried about man in the middle attack generating their own certificates to bypass the SSL Handshake...
Upvotes: 7
Views: 27874
Answers (3)
Reputation: 1
This the solution for JavaMail SSL with no Authentication trust certificate using Spring framework, change your .xml file as describe below.You can see the solution in the snapshot See the image description here
javax.net.ssl.SSLSocketFactory true
change it to false if you want mail server must be in ssl
Upvotes: 0
Reputation: 181
The best solution for this is to use the following line
MailSSLSocketFactory socketFactory = new MailSSLSocketFactory();
socketFactory.setTrustAllHosts(true);
Upvotes: -4
Reputation: 29971
You asked for an "smtps" transport. You set the properties for the "smtp" transport. Since you've set the "mail.smtp.ssl.enable" property to "true", you can just ask for an "smtp" transport and it will use SSL.
Upvotes: 12
Related Questions
- Using JavaMail with TLS
- javax.net.ssl.SSLException when sending mail using JavaMail
- Java mail cannot connect to smtp using tls or ssl
- Javamail not working with gmail SMTP
- Failed sending email with java program via smtp and ssl
- Java mail TLS authentcation
- SSL with javamail not working
- Javamail fails but with no exceptions or debug error
- Use JavaMail API to send mail without using SSL
- No trusted certificate found while sending a mail, but the certificate seems to be in the keystore