在java中为imaps添加自定义信任库

时间:2013-02-09 10:45:49

标签: java ssl imap truststore

我使用SMTP邮件和检索邮件我使用imaps(imap + ssl):

内部连接方法我做:

private Session connect(SMTPTask task) {

    SSLSocketFactory factory = null;
    try {
        SSLContext ctx;
        KeyManagerFactory kmf;
        KeyStore ks;
        char[] passphrase = "changeit".toCharArray();

        ctx = SSLContext.getInstance("TLS");
        kmf = KeyManagerFactory.getInstance("SunX509");
        ks = KeyStore.getInstance("JKS");

        ks.load(new FileInputStream("truststore.jks"), passphrase);

        kmf.init(ks, passphrase);
        ctx.init(kmf.getKeyManagers(), null, null);

        factory = ctx.getSocketFactory();
    } catch (Exception e) {
        log.error("Error with SSLFactory",e);
    }

    String host = getHost();
    String port = String.valueOf(getPort());

    Authenticator authenticator = new Authenticator(task);


    Properties properties = new Properties();
    properties.setProperty("mail.smtp.submitter", authenticator.getPasswordAuthentication().getUserName());
    properties.setProperty("mail.smtp.auth", "true");
    //properties.setProperty("mail.imap.auth.login.disable", "true");
    properties.setProperty("mail.smtp.host", host);
    properties.setProperty("mail.smtp.port", port);
    properties.put("mail.imaps.ssl.socketFactory", factory);
    properties.setProperty("mail.imap.port", "993");

    Properties systemProps = System.getProperties();
    systemProps.put( "javax.net.ssl.trustStore", "truststore.jks");
    systemProps.put( "javax.net.ssl.trustStorePassword", "changeit");
    System.setProperties(systemProps);

    return Session.getInstance(properties, authenticator);

我做的其他地方:

...
store.connect(getHost(),getUser(),getPass());
...

修改:此处我收到以下例外情况:

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

现在我想添加一个带有自己证书的自定义信任库。另一篇文章展示了如何在java中做到这一点:Add trustStore for client authentication

但是如何将SSLSocketFactory与我的商店结合起来呢?所以我的商店使用自定义ssl连接?

这样做的正确方法是什么?如果那不可能,还有另一种方法如何将我的信任库添加到java中的商店吗?

编辑:我错过了什么,或者我在属性中做错了什么?

此致

1 个答案:

答案 0 :(得分:1)

您通过用于创建Session

的属性映射传递套接字工厂 
Properties props = new Properties();
// other properties as usual
props.put("mail.imaps.ssl.socketFactory", new MyCustomSSLSocketFactory());
Session sess = Session.getInstance(props);

有关详细信息,请参阅com.sun.mail.imap package summary底部的表格。

相关问题
最新问题