Reputation: 68972
How to disable javamail SSL support?
I receive the following Exception while trying to send an email (using Seam)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali
d certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
... 68 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 74 more
I tested the server by using a plain javamail app with no extra settings and it worked fine.
But using Seams mail-tags the Exception occurs. - Is there a way to disable SSL? I realy don't need SSL.
I found these properties in a forum
mail.smtp.ssl.trust="*"
mail.smtp.starttls.enable="true"
- How could I pass them the properties above through seam framework down to javamail ?
Upvotes: 1
Views: 8977
Answers (2)
Reputation: 6312
According to Seam reference manual and Seam forum you should be able to disable TLS and SSL directly in your components.xml configuration:
<mail:mail-session debug="true" tls="false" ssl="false" ... />
Upvotes: 3
Reputation: 122719
The error you're getting means that one of the certificates (presumably the server's certificate) isn't trusted by your JavaMail client. Since you seem to be using STARTTLS, you're effectively using SSL/TLS.
You could perhaps try something like mail.smtp.starttls.enable="false" if you don't want to use SSL/TLS at all, although some SMTP servers will force you to use it (either SSL/TLS on connection or via STARTTLS) to proceed any further.
Alternatively, if you change your mind and want/need to use SSL, make sure your trust store on the client side contains a trust anchor (CA certificate) that can be used to verify your server certificate. (Note that the mail.smtp.ssl.checkserveridentity default to false is insecure, so you'd want to change that to true, and not use mail.smtp.ssl.trust="*".)
Upvotes: 4
Related Questions
- how to ignore server cert error in javamail
- Using JavaMail with TLS
- javax.net.ssl.SSLException when sending mail using JavaMail
- In java SSLv3 is disabled but in javamail API ssl works?
- Spring mail disable TLS
- JavaMail SSL with no Authentication trust certificate regardless
- JavaMail mail.smtp.ssl.enable is not working
- Disable JAVA SSL3
- When connecting to a server with JavaMail, what is the supported version of SSL?
- Javamail and TLS? (not STARTTLS)