使用SSL向GMail发送邮件时，身份验证或解密失败

Question

I'm referring to this guide on C# SMTP mail .

Here is my code:

MailMessage mail = new MailMessage();
SmtpClient SmtpServer = new SmtpClient("smtp.gmail.com");
mail.From = new MailAddress("dave.stockinger@gmail.com");
mail.To.Add("dave.stockinger@gmail.com");
mail.Subject = "Test Mail";
mail.Body = "This is for testing SMTP mail from GMAIL";
SmtpServer.Port = 587;
SmtpServer.Credentials = new System.Net.NetworkCredential("MyUserNameInGmail", "MyGmailPassWord");
SmtpServer.EnableSsl = true;

SmtpServer.Send(mail);

Unfortunately, there's an exception regarding SSL and I can't fix it:

Unhandled Exception: System.Net.Mail.SmtpException: Message could not be sent. ---> System.IO.IOException: The authentication or decryption has failed. ---> System.InvalidOperationException: SSL authentication error: RemoteCertificateNotAvailable, RemoteCertificateChainErrors at System.Net.Mail.SmtpClient.m__4 (System.Object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, SslPolicyErrors sslPolicyErrors) [0x00000] in :0 at System.Net.Security.SslStream+c__AnonStorey7.<>m__A (System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Int32[] certErrors) [0x00000] in :0
at Mono.Security.Protocol.Tls.SslClientStream.OnRemoteCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] errors) [0x00000] in :0
at Mono.Security.Protocol.Tls.SslStreamBase.RaiseRemoteCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] errors) [0x00000] in :0
at Mono.Security.Protocol.Tls.SslClientStream.RaiseServerCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] certificateErrors) [0x00000] in :0 at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in :0 at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in :0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process () at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in :0 at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in :0 --- End of inner exception stack trace --- at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in :0 --- End of inner exception stack trace --- at System.Net.Mail.SmtpClient.Send (System.Net.Mail.MailMessage message) [0x00000] in :0
at csharpdungeon.MainClass.Main () [0x00000] in :0

Answer 1

Check if code below would work for you; I've tested it on my gmail account and it seem to work fine with my mono 2.0 running on ubuntu 10.04LTS

using System;
using System.Net;
using System.Net.Mail;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

namespace mono_gmail
{
    class MainClass
    {
        public static void Main (string[] args)
        {
            MailMessage mail = new MailMessage();

            mail.From = new MailAddress("my.name@gmail.com");
            mail.To.Add("my.name@hotmail.com");
            mail.Subject = "Test Mail";
            mail.Body = "This is for testing SMTP mail from GMAIL";

            SmtpClient smtpServer = new SmtpClient("smtp.gmail.com");
            smtpServer.Port = 587;
            smtpServer.Credentials = new System.Net.NetworkCredential("my.name", "my.password");
            smtpServer.EnableSsl = true;
            ServicePointManager.ServerCertificateValidationCallback = 
                delegate(object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) 
                    { return true; };
            smtpServer.Send(mail);
        }
    }
}

solution is taken from here

hope this helps, regards

Answer 2

The correct solution is not to remove SSL Certificate Validation. GMail has a valid certificate. The problem is that Mono can't seem to find the certificate.

This is completely wrong for so many reasons, but mainly because it removes a very important certificate validation:

ServicePointManager.ServerCertificateValidationCallback = 
            delegate(object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) 
                { return true; };

The correct solution is to install the certificate in your machine:

mozroots --import --ask-remove --machine
certmgr -ssl smtps://smtp.gmail.com:465

This will effectively download the certificate for gmail and it will make it available for mono to use.

Answer 3

You do not have the appropriate certificate authorities installed somewhere where Mono can see them. Please have a look at the Mono project security FAQ for the steps to remedy this error.

Answer 4

If you're using SSL rather than TLS, you need port 465 rather than 587.

See http://mail.google.com/support/bin/answer.py?hl=en&answer=13287 .

Answer 5

您是否尝试更改端口，我知道SSL的默认SMTP端口是465

Answer 6

Found another solution from SmtpClient with Gmail

certmgr -ssl smtps://smtp.gmail.com:465

If you are running mono web server, run command with same username as mono process.

Answer 7

Do you need to send securely with SSL? You could remove this statement SmtpServer.EnableSsl = true; which would not require the SSL cert.