JavaMail SSL without authentication trust certificate, anyway

gtgaxiola

I have a local mail server (hMailServer) with SSL (port 465) and self signed certificate.

Domain is "foobar.com"

I have set Propertiesto enable ssl, disable authentication and trust any host

    props.put("mail.smtp.auth", "false");
    props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.ssl.trust", "*");

If I send a message to via a static call Transport.send(), the email will be sent.

If I try to get the instance transportfrom the session then I get

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How can static calls avoid SSLHandshakeException?

Here is my tester code:

public static void main(String[] args) throws Exception {
    Properties props = new Properties();
    props.put("mail.smtp.host", "127.0.0.1");
    props.put("mail.debug", "false");
    props.put("mail.smtp.port", "465");
    props.put("mail.smtp.timeout", "60000");
    props.put("mail.smtp.auth", "false");
    props.put("mail.smtp.sendpartial", "true");
    props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.ssl.trust", "*");
    Session session = Session.getInstance(props);
    Message message = new MimeMessage(session);
    message.setFrom(new InternetAddress("[email protected]"));
    message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("[email protected]"));
    message.setSubject("Just a Test " + new Date());
    message.setText("Hello World");

    //Comment and uncomment to test   
    Transport.send(message, message.getAllRecipients());

    //Transport t = session.getTransport("smtps");
    //t.connect();
    //t.sendMessage(message, message.getAllRecipients());
    //t.close();
}

It's a local system hidden from the outside, so I'm not worried about a man-in-the-middle attack generating their own certificate to bypass the SSL handshake...

Bill Shannon

You asked for "smtps" shipping. Set the properties of the "smtp" transport. Since you have set the "mail.smtp.ssl.enable" property to "true", you can simply request the "smtp" transport and it will use SSL.

Related

How to make browser trust local SSL certificate?

x-yuri Although, there are similar questions and even good answers , they either don't care about themselves with localhost explicitly, or ask about a specific option/solution (self-signed VS CA). What are the options? How do they compare? what should I do? x-

Trust SSL certificate with IPv6 address

Mr Zuger I have an IIS application with HTTPS binding using a self-signed certificate. The certificate contains the DNS name of the server hostname, IPv4 address, and IPv6 address. I have installed the certificate in my local machine's Trusted Root Certificati

How to make browser trust local SSL certificate?

x-yuri Although, there are similar questions and even good answers , they either don't care about themselves with localhost explicitly, or ask about a specific option/solution (self-signed VS CA). What are the options? How do they compare? what should I do? x-

Trust the SSL certificate to the local system account

Matteo Mosca I have the following needs: The Windows service needs to connect to the svn repository via https. The service also needs to run as the local system account to get IO permissions on the computer. Now, when the service tries to connect to SVN, it th

How to make browser trust local SSL certificate?

x-yuri Although, there are similar questions and even good answers , they either don't care about themselves with localhost explicitly, or ask about a specific option/solution (self-signed VS CA). What are the options? How do they compare? what do I do? x-yuri

Trust the SSL certificate to the local system account

Matteo Mosca I have the following needs: The Windows service needs to connect to the svn repository via https. The service also needs to run as the local system account to get IO permissions on the computer. Now when the service tries to connect to the SVN it

svn passwordless authentication - use SSL trust

Vishnu Kumar My SVN server is running under Apache via HTTPS, here is my server side config "/etc/httpd/conf.d/subversion.conf": <Location /> SSLRequireSSL SSLCACertificatePath /etc/pki/CA SSLCACertificateFile /etc/pki/CA/cacert.pem SSLVerifyClient opt

svn passwordless authentication - use SSL trust

Vishnu Kumar My SVN server is running under Apache via HTTPS, here is my server side config "/etc/httpd/conf.d/subversion.conf": <Location /> SSLRequireSSL SSLCACertificatePath /etc/pki/CA SSLCACertificateFile /etc/pki/CA/cacert.pem SSLVerifyClient opt

javaMail API enforces SSL encryption for SMTP authentication

paul_schaefer I want to send email through smtp server. So I use javaMail API. My properties are: Properties emailProperties = new Properties(); emailProperties.setProperty("mail.host", emailHost); emailProperties.setProperty("mail.transport.protocol", "smt

javaMail API enforces SSL encryption for SMTP authentication

paul_schaefer I want to send email through smtp server. So I use javaMail API. My properties are: Properties emailProperties = new Properties(); emailProperties.setProperty("mail.host", emailHost); emailProperties.setProperty("mail.transport.protocol", "smt

SSL certificate without hostname

sinuhepop : I have implemented a web service with server and client authentication using keytool. The problem is that this authentication won't work if I don't include the hostname in it. E.g: keytool -genkey -alias myAlias -keyalg RSA -keypass myPassword -sto

SDWebImage without ssl certificate

severin catholic I try to set the image via SDWebImage. But SDWebImage cancels the operation. I'm trying to get this image in Safari with the url and Safari asks me about the certificate. When I dismiss the dialog window, I get this image. The question is: is

git with or without ssl certificate

Aquatic organisms I'm running gitlab on a server with a self-signed certificate and I've configured git to use git config --global http.sslCAInfo path/to/cert.pem This is good. However, many of my projects use bower, and when I use bower bower install, bower

Continue without an SSL certificate

Md Rashedul Islam I have a website kismet.com. Its ssl certificate expired two days ago. but my site is showing Your connection is not secure Now I want to continue without ssl. So I deleted my ssl certificate. But it doesn't work. I checked my redirects. I di

SSL certificate without hostname

sinuhepop : I have implemented a web service with server and client authentication using keytool. The problem is that this authentication won't work if I don't include the hostname in it. E.g: keytool -genkey -alias myAlias -keyalg RSA -keypass myPassword -sto

Continue without an SSL certificate

Md Rashedul Islam I have a website kismet.com. Its ssl certificate expired two days ago. but my site is showing Your connection is not secure Now I want to continue without ssl. So I deleted my ssl certificate. But it doesn't work. I checked my redirects. I di

SDWebImage without ssl certificate

severin catholic I try to set the image via SDWebImage. But SDWebImage cancels the operation. I'm trying to get this image in Safari with the url and Safari asks me about the certificate. When I dismiss the dialog window, I get this image. The question is: is

Continue without an SSL certificate

Md Rashedul Islam I have a website kismet.com. Its ssl certificate expired two days ago. but my site is showing Your connection is not secure Now I want to continue without ssl. So I deleted my ssl certificate. But it doesn't work. I checked my redirection. I

SSL certificate without domain

xShirase I have a bunch of node.js applications serving information to an apache website via websockets (ws://). The website itself does not have a domain name and can be accessed via its IP address (which unfortunately cannot be negotiated...) Questions are a

git with or without ssl certificate

Aquatic organisms I'm running gitlab on a server with a self-signed certificate and I've configured git to use git config --global http.sslCAInfo path/to/cert.pem This is good. However, many of my projects use bower, and when I use bower bower install, bower

SSL certificate without domain

xShirase I have a bunch of node.js applications serving information to an apache website via websockets (ws://). The website itself does not have a domain name and can be accessed via its IP address (unfortunately this is not negotiable...) Questions are as fo

git with or without ssl certificate

aquatic vitamins I'm running gitlab on a server with a self-signed certificate and I've configured git to use the following certificate git config --global http.sslCAInfo path/to/cert.pem This is good. However, many of my projects use bower, and when I use bo

SSL certificate without hostname

sinuhepop : I have implemented a web service with server and client authentication using keytool. The problem is that this authentication won't work if I don't include the hostname in it. E.g: keytool -genkey -alias myAlias -keyalg RSA -keypass myPassword -sto

SDWebImage without ssl certificate

severin catholic I try to set the image via SDWebImage. But SDWebImage cancels the operation. I'm trying to get this image in Safari with the url and Safari asks me about the certificate. When I dismiss the dialog window, I get this image. The question is: is

SDWebImage without ssl certificate

severin catholic I try to set the image via SDWebImage. But SDWebImage cancels the operation. I'm trying to get this image in Safari with the url and Safari asks me about the certificate. When I dismiss the dialog window, I get this image. The question is: is