我已经提到了关于这个主题的几乎所有问题,但不幸的是,没有一个答案让我有突破。
我正在使用 EWS1.2 并从 eclipse 中运行以下代码以连接到我们的交换服务器以发送测试电子邮件。请参阅内联注释,了解我理解的代码正在做什么。
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
/* Our company email id and windows password. We never had to enter a password for outlook.
I guess it is using LDAP authentication. In our outlook it is set to Negotiate Authentication. */
ExchangeCredentials credentials = new WebCredentials("123.abc@xyz.com", "MyWinPassword");
service.setCredentials(credentials);
/* Our proxy server's ip address and port. I am not sure if our exchange server is only accessible through a proxy
but this statement stopped a "connection refused" error that I was getting earlier */
WebProxy webProxy = new WebProxy("our_proxy_ip", 8080);
webProxy.setCredentials("my_win7_user_id", "MyWinPassword", "OurDomain");
service.setWebProxy(webProxy);
try {
service.setUrl(new URI("https://exchange_ip/ews/Exchange.asmx"));
/* Autodiscovery never worked: The Autodiscover service couldn't be located. */
// service.autodiscoverUrl("123.abc@xyz.com");
} catch (URISyntaxException e) {
e.printStackTrace();
}
EmailMessage msg;
try {
msg = new EmailMessage(service);
msg.setSubject("Test Email");
msg.setBody(MessageBody.getMessageBodyFromText("Sent using the EWS API"));
msg.getToRecipients().add("123.abc@xyz.com");
msg.send(); /* This is where we get an exception */
} catch (Exception e) {
e.printStackTrace();
}
这导致以下跟踪:
microsoft.exchange.webservices.data.ServiceRequestException: The request failed. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at microsoft.exchange.webservices.data.ServiceRequestBase.getEwsHttpWebResponse(Unknown Source)
at microsoft.exchange.webservices.data.ServiceRequestBase.validateAndEmitRequest(Unknown Source)
at microsoft.exchange.webservices.data.SimpleServiceRequestBase.internalExecute(Unknown Source)
at microsoft.exchange.webservices.data.MultiResponseServiceRequest.execute(Unknown Source)
at microsoft.exchange.webservices.data.ExchangeService.internalCreateItems(Unknown Source)
at microsoft.exchange.webservices.data.ExchangeService.createItem(Unknown Source)
at microsoft.exchange.webservices.data.Item.internalCreate(Unknown Source)
at microsoft.exchange.webservices.data.EmailMessage.internalSend(Unknown Source)
at microsoft.exchange.webservices.data.EmailMessage.send(Unknown Source)
at com.ashok.calsync.Sync.testMethod(Sync.java:39)
at com.ashok.calsync.Sync.main(Sync.java:12)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
... 11 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
... 28 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 34 more
我已将 Outlook 使用的证书导出到 .cer 文件并使用 keytool 导入到 cacerts。
keytool -import -file D:\Ashok\myOutlookCert1.cer -keystore cacerts -alias myOutlookCert1
eclipse 中的 Run 配置在 VM Arguments 下包括以下内容
-Djavax.net.debug=all -Djavax.net.ssl.keyStore="C:\java_jdk\1.6.0_30\jre\lib\security\cacerts" -Djavax.net.ssl.keyStorePassword=changeit -Djavax.net。 ssl.trustStore="C:\java_jdk\1.6.0_30\jre\lib\security\cacerts" -Djavax.net.ssl.trustStorePassword=changeit
并且证书在调试跟踪中可见
添加为受信任证书:主题:CN=123.abc,CN=S,CN=A,CN=OurDomain,CN=XYZ,CN=pki,DC=xyz,DC=com 颁发者:CN=XYZ-CA1-FR, CN=PKI, DC=XYZ, DC=com 算法:RSA;序列号:0x43559d09
有效期从 2012 年 6 月 19 日星期二 13:31:28 IST 到 2015 年 6 月 19 日星期五 14:01:28 IST
毕竟这些,异常表明找不到证书。这里的问题是:
- 我们如何确认我导入到 cacerts 的证书是服务器正在寻找的证书?
- 我已经从 Outlook 的信任中心(从电子邮件安全部分)导出了证书。这是连接到 Exchange Server 的正确证书吗?
非常感谢您的帮助。
问候,
阿肖克