Send mail fails because of SSL certificate, how to

Published 2019-08-26 09:42

Question:

I'm new to SSL certificates, and on our server (specs below, 1.1) the "send mail" service stopped working one month ago. I followed the logs and it seems that there is a problem with an SSL certificate (trace below, 1.2).

  • 1.1 Server specs: JDK 1.4.2, JBoss GA 4.0.2, Windows Server 2003
  • 1.2 Trace:

    Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: Certificate signature validation failed
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
        at com.sun.mail.util.TraceInputStream.read(TraceInputStream.java:97)
        at java.io.BufferedInputStream.fill(BufferedInputStream.java:183)
        at java.io.BufferedInputStream.read(BufferedInputStream.java:201)
        at com.sun.mail.util.LineInputStream.readLine(LineInputStream.java:75)
        at com.sun.mail.smtp.SMTPTransport.readServerResponse(SMTPTransport.java:1440)
        ... 36 more
    Caused by: sun.security.validator.ValidatorException: Certificate signature validation failed
        at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:137)
        at sun.security.validator.Validator.validate(Validator.java:202)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA12275)
        at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA12275)
        ... 48 more
    Caused by: java.security.NoSuchAlgorithmException: 1.2.840.113549.1.1.11 Signature not available
        at java.security.Security.getEngineClassName(Security.java:672)
        at java.security.Security.getEngineClassName(Security.java:683)
        at java.security.Security.getImpl(Security.java:1132)
        at java.security.Signature.getInstance(Signature.java:169)
        at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:425)
        at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:383)
        at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:135)
        ... 51 more
    

What caught my attention was the "Signature not available", so I checked and read a lot but can't seem to find the root of this problem. No one has made any change to the server certificates or the java.security file. Also, the code that seems to get the error appears when I send a mail. The weird thing is that everything is working on my test server, but not on my production server.

Answer 1:

You're trying to run Java 1.4, which does not support the SHA-256 algorithm.

Try http://www.bouncycastle.org/latest_releases.html

Or moving to a newer JDK (1.5/6) will do.
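
A diagnostic for the failure in the trace, added here as an example and not part of the original question or answer: it lists the installed JCA providers and reports whether any of them can supply a `Signature` for OID `1.2.840.113549.1.1.11` (sha256WithRSAEncryption, also known as `SHA256withRSA`). The class name `SigAlgCheck` is hypothetical, and the code avoids generics and for-each so it also compiles on a 1.4 JDK.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.util.Iterator;
import java.util.Set;
import java.util.TreeSet;

// Added diagnostic; SigAlgCheck is a hypothetical name, not code from the page.
public class SigAlgCheck {
    // OID taken from the stack trace: sha256WithRSAEncryption.
    static final String OID = "1.2.840.113549.1.1.11";
    // Standard JCA name for the same algorithm.
    static final String NAME = "SHA256withRSA";

    // Returns the name of the provider that supplies the algorithm,
    // or null when no installed provider offers it.
    static String providerFor(String algorithm) {
        try {
            return Signature.getInstance(algorithm).getProvider().getName();
        } catch (NoSuchAlgorithmException e) {
            // Same condition that X509CertImpl.verify ran into in the trace.
            return null;
        }
    }

    public static void main(String[] args) {
        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("java.home    = " + System.getProperty("java.home"));

        // Providers in preference order, as configured in java.security.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.println("provider " + (i + 1) + ": " + providers[i].getName());
        }

        // Every Signature algorithm registered by the installed providers, sorted.
        Set algs = new TreeSet(Security.getAlgorithms("Signature"));
        for (Iterator it = algs.iterator(); it.hasNext();) {
            System.out.println("signature algorithm: " + it.next());
        }

        String[] wanted = { OID, NAME };
        for (int i = 0; i < wanted.length; i++) {
            String p = providerFor(wanted[i]);
            System.out.println(wanted[i] + " -> " + (p == null ? "NOT AVAILABLE" : p));
        }
    }
}
```

Run it with the same JVM that JBoss uses on the test server and on the production server, then compare the provider lists and the two final lines.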