我嘗試使用自簽名證書通過imap使用ssl獲取電子郵件,但它不起作用。當我嘗試連接時,出現「PKIX路徑驗證失敗」異常。我已將我的證書添加到java密鑰庫並在代碼中設置了相關屬性,但我不確定是否足夠。還有我的情況的一些細節:使用SSL的Java郵件 - PKIX路徑驗證失敗
我創建了自己的密鑰庫並導入該證書到它與keytool命令:
keytool -import -trustcacerts -alias root -file mycert.crt -keystore C:\Users\me\Desktop\keystore.jks
我的代碼是:
System.setProperty("javax.net.ssl.keyStore", "C:/Users/me/Desktop/keystore.jks");
System.setProperty("javax.net.ssl.trustStore", "C:/Users/me/Desktop/keystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "123456");
System.setProperty("javax.net.ssl.keyStorePassword", "123456");
Message[] emails;
Folder folder = null;
Store store = null;
try {
Properties props = System.getProperties();
Session session = Session.getDefaultInstance(props, null);
store = session.getStore("imaps");
store.connect(host,login, password);
folder = store.getFolder("INBOX");
folder.open(Folder.READ_ONLY);
emails = folder.getMessages();
System.out.println("You've got: "+emails.length+" emails");
} catch (Exception e) {
e.printStackTrace();
}
finally {
if (folder != null)
folder.close(false);
if (store != null)
store.close();
}
在store.connect( )我得到「PKIX驗證失敗異常」。有一個堆棧跟蹤:
javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s);
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:674)
at javax.mail.Service.connect(Service.java:345)
at javax.mail.Service.connect(Service.java:226)
at Mail.checkMailBox(Mail.java:69)
at Mail.main(Mail.java:99)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:528)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:333)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:229)
at com.sun.mail.iap.Protocol.<init>(Protocol.java:116)
at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:115)
at com.sun.mail.imap.IMAPStore.newIMAPProtocol(IMAPStore.java:689)
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:638)
... 4 more
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:350)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:260)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 18 more
Caused by: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:192)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:351)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:191)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279)
at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:345)
... 24 more
是否還有什麼我需要在我的代碼中,或者什麼是我的證書有問題?這個問題的原因是什麼?請幫忙。
問候, 阿圖爾
以任何方式將證書添加至你的jdk – Veera
是否使用SSL/HTTPS,在所有這些代碼在你的應用程序之前?順便說一句,除非您想使用客戶端證書身份驗證,否則不要設置密鑰庫。 – Bruno