Javamail 和 gmail,得到“PKIX 路径构建失败”
[英]Javamail and gmail, getting "PKIX path building failed"
问题描述
I'm trying to run a standalone Java class that will connect to Gmail as imap.
我正在尝试运行一个独立的 Java 类,它将作为 imap 连接到 Gmail。 Here is the code excerpt (username and pass masked)这是代码摘录(用户名和密码被屏蔽)
Properties props = System.getProperties();
props.setProperty("mail.store.protocol", "imap");
System.out.println("getting session");
Session session = Session.getInstance(props);
System.out.println("getting store");
Store store = session.getStore("imaps");
System.out.println("connecting");
store.connect("imap.gmail.com", "xxxxx", "yyyyyy");
When trying to run, it displays the "connecting" message but throws this尝试运行时,它会显示“正在连接”消息,但会抛出此消息
javax.mail.MessagingException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I had done the following steps:我做了以下步骤:
- a) (from a Linux instance): openssl s_client -connect imap.gmail.com:993 a)(来自 Linux 实例):openssl s_client -connect imap.gmail.com:993
- b) from the above output copied the certificate into a pem file, then ran this on Windows b) 从上面的输出中将证书复制到一个 pem 文件中,然后在 Windows 上运行它
keytool -keystore cacerts -import -trustcacerts -alias gmailcert -file c:\gmailcert.pem -storepass changeit
The above step was in this folder C:\\Program Files\\Amazon Corretto\\jdk11.0.6_10\\lib\\security上面的步骤是在这个文件夹 C:\\Program Files\\Amazon Corretto\\jdk11.0.6_10\\lib\\security
In Eclipse, where I'm running the class, I set these jvm args在我运行课程的 Eclipse 中,我设置了这些 jvm args
-Djavax.net.ssl.trustStore="c:/Program Files/Amazon Corretto/jdk11.0.6_10/lib/security/cacerts"
-Djavax.net.ssl.trustStorePassword="changeit"
I also tried我也试过
-Djavax.net.ssl.trustStore="c:\Program Files\Amazon Corretto\jdk11.0.6_10\lib/security\cacerts"
-Djavax.net.ssl.trustStorePassword="changeit"
and和
-Djavax.net.ssl.trustStore="c:\\Program Files\\Amazon Corretto\\jdk11.0.6_10\\lib\\security\\cacerts"
-Djavax.net.ssl.trustStorePassword="changeit"
I also referred to this site , to make sure I'm importing the gmail cert correctly.我还提到了这个站点,以确保我正确导入了 gmail 证书。 I then ran an SSLPoke utility and get the same error, so it's something with the way I'm getting and importing the cert.然后我运行了一个 SSLPoke 实用程序并得到相同的错误,所以这与我获取和导入证书的方式有关。
What am I missing?我错过了什么?
1 个解决方案
解决方案1
0 2020-03-20 20:08:38
Most likely you have an anti-virus program that's intercepting the connection.很可能您有一个拦截连接的防病毒程序。 It would be better if you could configure it to allow a direct connection from your program.如果您可以将其配置为允许从您的程序直接连接,那就更好了。 Lacking that, see the JavaMail FAQ for help with the certificate.如果没有,请参阅JavaMail FAQ以获取有关证书的帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.