Question

我遇到了一个奇怪的问题。我们必须每10分钟轮询一次邮箱并检查新邮件（POP3，IMAP）。我们用几个邮件提供商（gmail，1and1，web.de，gmx，...）测试了我们的实现，一切正常。

现在我们必须使用outlook.office365.com上的POP3和SSL邮箱。启动我们的服务一切正常，但几个小时后，邮箱检查会在打开邮箱存储时抛出错误。

javax.mail.MessagingException: Connect failed;
  nested exception is:
javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:210)
at javax.mail.Service.connect(Service.java:295)
at com.heiler.hbc.sil.mail.internal.MailerServiceImpl.createStore(MailerServiceImpl.java:298)
at com.heiler.hbc.sil.mail.internal.MailerServiceImpl.retrieveMails(MailerServiceImpl.java:499)
at com.heiler.hbc.sil.mail.internal.MailerServiceImpl.accessMailbox(MailerServiceImpl.java:180)
at sun.reflect.GeneratedMethodAccessor1272.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:58)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:62)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:132)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:120)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:56)
at org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:39)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.osgi.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:59)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:132)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:120)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy323.accessMailbox(Unknown Source)
at com.heiler.hbc.sil.pinquiry.internal.ReceiveResponseService.service(ReceiveResponseService.java:103)
at com.heiler.hbc.sil.pinquiry.internal.ReceiveResponseService.service(ReceiveResponseService.java:34)
at com.heiler.hbc.service.executor.internal.PInquiryCheckMailboxService.execute(PInquiryCheckMailboxService.java:110)
at com.heiler.hbc.service.executor.internal.AbstractSchedulerService.run(AbstractSchedulerService.java:61)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:53)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:81)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1842)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1825)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:548)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:352)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:207)
at com.sun.mail.pop3.Protocol.<init>(Protocol.java:111)
at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java:261)
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:206)
... 37 more
Caused by: java.lang.RuntimeException: Could not generate DH keypair
at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:80)
at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:632)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:218)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
... 44 more
Caused by: java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec
at org.bouncycastle.jce.provider.JDKKeyPairGenerator$EC.initialize(Unknown Source)
at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:75)
... 51 more

这是我的createStore方法：

private void createStore() throws MessagingException
  {
if ( store == null )
{
  store = session.getStore( authType.getType() );
}
if ( store != null && !store.isConnected() )
{
  try
  {
    store.connect( popHost, popPort, user, password );
  }
  catch ( MessagingException e )
  {
    store = null;
    logger.error( "Cannot connect to configured mailbox: [Host: " + popHost + ", Port: " + popPort + ", User: " //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
                  + user + "]" ); //$NON-NLS-1$
    logger.debug( "", e );
  }
}
}

在store.connect（..）上发生错误。

任何有想法可以解决这个错误的人在哪里？

由于斯蒂芬

Answer 1

更新BouncyCastle依赖项解决了这个问题。

Answer 2

看起来BouncyCastle提供商有一个问题：

Caused by: java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec
at org.bouncycastle.jce.provider.JDKKeyPairGenerator$EC.initialize(Unknown Source)

你的程序在运行时是否正在做任何改变BouncyCastle配置的事情？如果没有，也许这是BouncyCastle中的一个错误？否则，我不知道什么会导致它工作一段时间然后失败。

Answer 3

检查类路径中是否有过时的org.bouncycastle lib（与java版本不兼容）。

有关详细说明，请参阅http://iwang.github.io/support/2014/03/14/cxf-cause-https-error.html。

使用Javamail和POP3 SSL进行轮询会在几小时后生成DH密钥对时导致错误

3 个答案: