1. 首页
  2. 问答
  3. 使用SSL的Java邮件 - PKIX路径验证失败

使用SSL的Java邮件 - PKIX路径验证失败

2013-07-30 123 views
0

我尝试使用自签名证书通过imap使用ssl获取电子邮件,但它不起作用。当我尝试连接时,出现“PKIX路径验证失败”异常。我已将我的证书添加到java密钥库并在代码中设置了相关属性,但我不确定是否足够。还有我的情况的一些细节:使用SSL的Java邮件 - PKIX路径验证失败

我创建了自己的密钥库并导入该证书到它与keytool命令:

keytool -import -trustcacerts -alias root -file mycert.crt -keystore C:\Users\me\Desktop\keystore.jks

我的代码是:

System.setProperty("javax.net.ssl.keyStore", "C:/Users/me/Desktop/keystore.jks"); 
System.setProperty("javax.net.ssl.trustStore", "C:/Users/me/Desktop/keystore.jks"); 
System.setProperty("javax.net.ssl.trustStorePassword", "123456"); 
System.setProperty("javax.net.ssl.keyStorePassword", "123456"); 

Message[] emails; 
Folder folder = null; 
Store store = null; 

try { 
Properties props = System.getProperties(); 

Session session = Session.getDefaultInstance(props, null); 
store = session.getStore("imaps"); 

store.connect(host,login, password); 
folder = store.getFolder("INBOX"); 
folder.open(Folder.READ_ONLY); 

emails = folder.getMessages(); 
System.out.println("You've got: "+emails.length+" emails"); 

} catch (Exception e) { 
e.printStackTrace(); 
} 
finally { 
if (folder != null) 
    folder.close(false); 
if (store != null) 
    store.close(); 
}

在store.connect( )我得到“PKIX验证失败异常”。有一个堆栈跟踪:

javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s); 
    nested exception is: 
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s) 
    at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:674) 
    at javax.mail.Service.connect(Service.java:345) 
    at javax.mail.Service.connect(Service.java:226) 
    at Mail.checkMailBox(Mail.java:69) 
    at Mail.main(Mail.java:99) 
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s) 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) 
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) 
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) 
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) 
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) 
    at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:528) 
    at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:333) 
    at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:229) 
    at com.sun.mail.iap.Protocol.<init>(Protocol.java:116) 
    at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:115) 
    at com.sun.mail.imap.IMAPStore.newIMAPProtocol(IMAPStore.java:689) 
    at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:638) 
    ... 4 more 
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s) 
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:350) 
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:260) 
    at sun.security.validator.Validator.validate(Validator.java:260) 
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) 
    ... 18 more 
Caused by: java.security.cert.CertPathValidatorException: unrecognized critical extension(s) 
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:192) 
    at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:351) 
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:191) 
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279) 
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:345) 
    ... 24 more

是否还有什么我需要在我的代码中,或者什么是我的证书有问题?这个问题的原因是什么?请帮忙。

问候, 阿图尔

来源

2013-07-30 akn

+0

以任何方式将证书添加至你的jdk – Veera

+0

是否使用SSL/HTTPS,在所有这些代码在你的应用程序之前?顺便说一句,除非您想使用客户端证书身份验证,否则不要设置密钥库。 – Bruno

回答

1

我不明白你在做什么错,但你可能想尝试的过程中所述here。有关更多建议,另请参阅this JavaMail FAQ entry

来源

2013-07-30 21:13:26

+0

InstallCert与参数myhost.com:993帮助。我之前使用过错误的证书。 – akn

相关问题

 相关问题