stackoom
  简体   繁体   中英

How to establish a one way SSL connection to mail.google.com?

 原文  2014-01-27 22:55:21       java/ ssl

Question

I am trying to establish a one way SSL connection to mail.google.com through java. I supposed mail.google.com is the same as gmail, so I created a certificate for gmail.com using the instructions provided here .

I created the cert as follows - 

$ openssl s_client -connect smtp.gmail.com:465

Then I copied the 

-----BEGIN CERTIFICATE-----
...
...
-----END CERTIFICATE-----

section into a file called "gmail.cert".

After that, I created my own keystore using the following command, setting the password to "password" - 

$ keytool -import -alias smtp.gmail.com -keystore simpleKS.jks -file gmail.cert

I used the Java code provided at this link, with minor modifications: 

    System.setProperty("javax.net.ssl.trustStore", "simpleKS.jks");
    System.setProperty("javax.net.ssl.trustStorePassword", "password");
    System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");

    //connect to google          
    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket sslSock = (SSLSocket) factory.createSocket("mail.google.com",443);

    System.out.println("Sending request...");         
    //send HTTP get request
    BufferedWriter wr = new BufferedWriter(new OutputStreamWriter(sslSock.getOutputStream(), "UTF8"));           
    wr.write("GET /mail HTTP/1.1\r\nhost: mail.google.com\r\n\r\n");
    wr.flush();

    System.out.println("Reading response...");

    // read response
    BufferedReader rd = new BufferedReader(new InputStreamReader(sslSock.getInputStream()));          
    String string = null;

    while ((string = rd.readLine()) != null) {
        System.out.println(string);
        System.out.flush();
    }

    rd.close();
    wr.close();
    // Close connection.
    sslSock.close();

The class file and the keystore (and all other files) are in the same directory, so I am pretty sure it is not an issue with finding the actual keystore file.

However, when I execute this code, I get 

Sending request...
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What am I doing wrong?

1 answers

solution1
 1  2014-01-27 23:23:28

Guess this is because the certs differ a bit for each protocol used see . So you might have to play arround with openssl to convert the cert to be used for another protocol.

Your error message states the same, it doesn't find a cert for mail.google.com since you only provided one for smtp.gmail.com.

(disclaimer i'm no ssl guru, just trying to point in a hopefully right direction)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Connection to https://mail.google.com refused, apache httpclient How to establish SSL connection with DB (SQL Server, PG), in a driver agnostic way? Unable to establish two way SSL connection (Can not find public key for alias) JDBC SQL Server Unable to Establish SSL Connection Java: establish SSL connection without authentication jInstagram - How to establish connection? How to establish connection with database How to configure TeamCity e-mail notification via SSL connection? How to fix " The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption" error how to establish a connection with a client on lan
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM