本文介绍了如何在Windows上为javax.net.ssl.trustStore配置trustStore?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用imap从java中的电子邮件服务器提取消息,并且我遇到了这个异常:
I'm trying to pull messages from an email server in java using imap and i run into this exception:
DEBUG: JavaMail version 1.4.2
DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
DEBUG: Tables of loaded providers
DEBUG: Providers Listed By Class Name: {com.sun.mail.smtp.SMTPSSLTransport=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Sun Microsystems, Inc], com.sun.mail.smtp.SMTPTransport=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc], com.sun.mail.imap.IMAPSSLStore=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Sun Microsystems, Inc], com.sun.mail.pop3.POP3SSLStore=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Sun Microsystems, Inc], com.sun.mail.imap.IMAPStore=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc], com.sun.mail.pop3.POP3Store=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Sun Microsystems, Inc]}
DEBUG: Providers Listed By Protocol: {imaps=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Sun Microsystems, Inc], imap=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc], smtps=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Sun Microsystems, Inc], pop3=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Sun Microsystems, Inc], pop3s=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Sun Microsystems, Inc], smtp=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc]}
DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map
DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc]
DEBUG: mail.imap.fetchsize: 16384
DEBUG: mail.imap.statuscachetimeout: 1000
DEBUG: mail.imap.appendbuffersize: -1
DEBUG: mail.imap.minidletime: 10
DEBUG: enable STARTTLS
DEBUG: trying to connect to host "10.53.151.183", port 143, isSSL false
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Dovecot ready.
DEBUG: protocolConnect login, host=10.53.151.183, user=compass, password=<non-null>
A0 STARTTLS
A0 OK Begin TLS negotiation now.
A1 CAPABILITY
com.mycompany.blah.common.lifecycle.exception.StartException: javax.mail.MessagingException: * BYE JavaMail Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is:
com.sun.mail.iap.ProtocolException: * BYE JavaMail Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.mycompany.blah.impl.email.IMAPEmailMonitorIngestor.start(IMAPEmailMonitorIngestor.java:63)
at com.mycompany.blah.impl.EmailMonitorIT.test(EmailMonitorIT.java:54)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:53)
at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:123)
at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:104)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:164)
at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:110)
at org.apache.maven.surefire.booter.SurefireStarter.invokeProvider(SurefireStarter.java:172)
at org.apache.maven.surefire.booter.SurefireStarter.runSuitesInProcessWhenForked(SurefireStarter.java:104)
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:70)
Caused by: javax.mail.MessagingException: * BYE JavaMail Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is:
com.sun.mail.iap.ProtocolException: * BYE JavaMail Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:609)
at javax.mail.Service.connect(Service.java:291)
at com.mycompany.blah.impl.email.IMAPEmailMonitorIngestor.start(IMAPEmailMonitorIngestor.java:58)
... 32 more
Caused by: com.sun.mail.iap.ProtocolException: * BYE JavaMail Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.imap.protocol.IMAPProtocol.capability(IMAPProtocol.java:143)
at com.sun.mail.imap.IMAPStore.login(IMAPStore.java:624)
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:589)
... 34 more
我的同事认为配置我的信任商店存在问题。我在下面试过这两行没有运气:
my collegue thinks its an issue with configuring my trust store. I've tried both these lines below without any luck:
System.setProperty("javax.net.ssl.trustStore", "C:/Program Files (x86)/Java/jdk1.7.0_21/jre/lib/security/cacerts");
System.setProperty("javax.net.ssl.trustStore", "C:/Program Files/Java/jdk1.7.0_17/jre/lib/security/cacerts");
关于我需要设置的任何想法。顺便说一句,我的同事通过使用以下方式启动应用程序,使其在Linux机器上工作:
Any ideas on what i need to be setting. BTW my colleague got this to work on a Linux box by launching the app using:
-Djavax.net.ssl.trustStore=/usr/java/jdk1.7.0_25/jre/lib/security/cacerts
但我是我也很想在我的开发机器上工作。我已经读过启动应用程序时set系统属性应该与-D选项相同。
But I'd really like to get this working on my development machine as well. I've read that the set system property should be identical to the -D option when launching the app.
推荐答案
你应该先检查证书服务器发送给你的是什么。要这样做:
You should first check what certificate server is sending you.To do it:
- 打开ssl debug:-Djavax.net.debug = all
- 在日志中找到以下行:***证书链......
- 查找证书颁发者
- 将颁发者证书添加到某个信任存储区(实际上,如果您收到证书链。您可以添加根证书)
- 使用-Djavax.net.ssl.trustStore = path / to / new /重新运行truststore和-Djava.net.ssl.trustStorePassword = ...
- Turn on ssl debug: -Djavax.net.debug=all
- Find the following lines in log: *** Certificate chain ...
- Find who the issuer of certificate
- Add issuer certificate to some trust store (actually if you receive cert. chain you can add root certificate)
- Rerun with -Djavax.net.ssl.trustStore=path/to/new/truststore and -Djava.net.ssl.trustStorePassword=...
BTW:
- 您不需要显式指定java信任库
- 相同系统属性的每个设置都会覆盖以前的值
- 你有一句奇怪的行:DEBUG:尝试连接主机10.53.151.183,端口143, isSSL false
- You don't need to explicitly specify java trust store
- every setting of same system property overrides previous value
- you have strange line: DEBUG: trying to connect to host "10.53.151.183", port 143, isSSL false
这篇关于如何在Windows上为javax.net.ssl.trustStore配置trustStore?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!