客户给的邮件服务器要SSL,使用Spring的JavaMailSenderImpl,Spring配置如下


<bean id="javaMailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">  
    <property name="host" value="${mail.smtp.host}" />  
    <property name="username" value="${mail.smtp.username}" />  
    <property name="password" value="${mail.smtp.password}" />  
    <property name="port" value="${mail.smtp.port}" />  
    <property name="javaMailProperties">  
        <props>  
            <prop key="mail.smtp.timeout">${mail.smtp.timeout}</prop>  
            <prop key="mail.smtp.auth">${mail.smtp.auth}</prop>  
            <prop key="mail.smtp.starttls.enable">${mail.smtp.starttls.enable}</prop>  
            <prop key="mail.smtp.socketFactory.port">${mail.smtp.port}</prop>  
            <prop key="mail.smtp.socketFactory.class">javax.net.ssl.SSLSocketFactory</prop>  
            <prop key="mail.smtp.socketFactory.fallback">false</prop>  
        </props>  
    </property>  
</bean>


 

mail.properties内容如下

mail.smtp.host=smtp.xyz.com
mail.smtp.port=465
mail.smtp.username=alerts+abc.net
mail.smtp.password=12345678
mail.smtp.auth=true
mail.smtp.starttls.enable=true
mail.smtp.timeout=50000
mail.from=alerts@abc.net
mail.replyTo=alerts@abc.net

 

发送邮件时得到异常如下

 

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at org.springframework.mail.javamail.JavaMailSenderImpl.doSend(JavaMailSenderImpl.java:419)
    at org.springframework.mail.javamail.JavaMailSenderImpl.send(JavaMailSenderImpl.java:342)
Caused by: javax.mail.MessagingException: Exception reading response;
  nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.mail.smtp.SMTPTransport.readServerResponse(SMTPTransport.java:1462)
    at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1260)
    ... 4 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
    ... 8 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
    at sun.security.validator.Validator.validate(Validator.java:218)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
    ... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
    ... 26 more

 

Google一下,需要保存安装证书

 

官方的QA http://java.sun.com/products/javamail/FAQ.html#installcert

 

Q: When connecting to my mail server over SSL I get an exception like "unable to find valid certification path to requested target".
A: Your server is probably using a test certificate or self-signed certificate instead of a certificate signed by a commercial Certificate Authority. You'll need to install the server's certificate into your trust store. The InstallCert program will help.

 

在这里 http://blogs.sun.com/andreas/entry/no_more_unable_to_find 有解决方案

 

http://blogs.sun.com/andreas/resource/InstallCert.java 的代码来安装证书

 

运行 java InstallCert smtp.xyz.com:465
得到jssecacerts文件后复制到jdk1.6.0_14\jre\lib\security目录

 

然后再发送邮件就OK了

 

附件是 InstallCert.java