0

我尝试使用自签名证书通过 imap 和 ssl 获取电子邮件,但它不起作用。当我尝试连接时,出现“PKIX 路径验证失败”异常。我已将我的证书添加到 java 密钥库并在我的代码中设置相关属性,但我不确定这是否足够。我的情况有一些细节:

我创建了自己的密钥库并使用 keytool 命令将此证书导入其中:

keytool -import -trustcacerts -alias root -file mycert.crt -keystore C:\Users\me\Desktop\keystore.jks

我的代码是:

System.setProperty("javax.net.ssl.keyStore", "C:/Users/me/Desktop/keystore.jks");
System.setProperty("javax.net.ssl.trustStore", "C:/Users/me/Desktop/keystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "123456");
System.setProperty("javax.net.ssl.keyStorePassword", "123456");

Message[] emails;
Folder folder = null;
Store store = null;

try {
Properties props = System.getProperties();

Session session = Session.getDefaultInstance(props, null);
store = session.getStore("imaps");

store.connect(host,login, password);
folder = store.getFolder("INBOX");
folder.open(Folder.READ_ONLY);

emails = folder.getMessages();
System.out.println("You've got: "+emails.length+" emails");

} catch (Exception e) {
e.printStackTrace();
}
finally {
if (folder != null)
    folder.close(false);
if (store != null)
    store.close();
}

在 store.connect() 我得到“PKIX 验证失败异常”。有一个堆栈跟踪:

javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s);
  nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
    at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:674)
    at javax.mail.Service.connect(Service.java:345)
    at javax.mail.Service.connect(Service.java:226)
    at Mail.checkMailBox(Mail.java:69)
    at Mail.main(Mail.java:99)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
    at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:528)
    at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:333)
    at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:229)
    at com.sun.mail.iap.Protocol.<init>(Protocol.java:116)
    at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:115)
    at com.sun.mail.imap.IMAPStore.newIMAPProtocol(IMAPStore.java:689)
    at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:638)
    ... 4 more
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:350)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:260)
    at sun.security.validator.Validator.validate(Validator.java:260)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
    ... 18 more
Caused by: java.security.cert.CertPathValidatorException: unrecognized critical extension(s)
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:192)
    at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:351)
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:191)
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:345)
    ... 24 more

我的代码中还有什么我需要的,或者我的证书有问题吗?这个问题的原因是什么?请帮忙。

问候, 阿图尔

4

1 回答 1

1

我看不出你做错了什么,但你可能想尝试这里描述的过程。另请参阅此 JavaMail FAQ 条目以获取更多建议。

于 2013-07-30T21:13:26.977 回答