从Java发送邮件时出错(SSLHandShake异常)
[英]error while mailing from Java (SSLHandShake Exception)
问题描述
I am getting following exception while sending mails from Java. 
从Java发送邮件时出现以下异常。
31/03 14:06:19:571 INFO [ ] IBSUtils sendMailfromsmtp() MessagingException in Sending Mail :javax.mail.MessagingException: Can't send command to SMTP host;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
It's sending mails in stand alone java programs but while running from JBoss server its throwing this exception. 它在独立的Java程序中发送邮件,但在从JBoss服务器运行时抛出此异常。 Code has been working from six months but suddenly its starts throwing this exception. 代码已经运行了六个月,但是突然它开始抛出该异常。
Seems some certificate Expired. 似乎有些证书已过期。
3 个解决方案
解决方案1
1 已采纳 2014-04-01 05:44:33
I've ever get this kind of error when my application(IBM Java 1.6) handle connection with webserver(Oracle Java 1.6). 当我的应用程序(IBM Java 1.6)处理与Web服务器(Oracle Java 1.6)的连接时,我曾经遇到过此类错误。 There might be Handshake exception while negotiating SSH protocol. 协商SSH协议时,可能存在握手异常。
You'd better set your Java protocol manually. 您最好手动设置Java协议。
// Using IBM jre there will be a handshake failure as IBM java 1.6 will
// negotiate to server SSLv3 protocol while it SHOULD be TLSv1
System.setProperty("https.protocols", "TLSv1");
解决方案2
0 2014-04-01 05:39:00
Seems some certificate Expired.
Correct. 正确。 The server certificate has expired. 服务器证书已过期。 Get it renewed, or complain to them if you can't get it done yourself. 更新它,如果您自己做不到,请向他们投诉。
Or else it hasn't come into its validity period yet. 否则它还没有进入有效期。
解决方案3
0 2014-04-01 06:04:02
Answering your request on how to get get information about the probably expired certificate: 回答有关如何获取可能已过期的证书的信息的请求:
Find out which server your mail is delivered to.
找出您的邮件发送到哪个服务器。 Where this is configured depends on you utility class for sending mail, JEE style is to get it from a mail session configured in jboss. 配置此文件的位置取决于您的实用程序类来发送邮件,JEE风格是从jboss中配置的邮件会话中获取它。 Assuming you deliver your mail to somehost on port 25 you could use
openssl s_clientto perform a TLS handshake to get the certificate:假设您将邮件传递到端口25上的某台主机,则可以使用openssl s_client执行TLS握手以获取证书:
openssl s_client -starttls smtp -crlf -connect somehost:25
This gives you the certificate itself (the base64 encoded part between the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE----- " delimiters and some basic information abobout it. Store the certificate including the delimiting lines in a file, say cert.pem . 这为您提供证书本身(“ ----- BEGIN CERTIFICATE -----”和“ ----- END CERTIFICATE -----”定界符之间的base64编码部分,以及有关它的一些基本信息。将包括定界线的证书存储在文件cert.pem 。
You can then decode it using 然后,您可以使用
openssl x509 -text -noout <cert.pem
This gives you all the information in the certificate as readable text. 这将以可读文本的形式为您提供证书中的所有信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.