Could not connect to SMTP Host,pkix path building failed,unable to find valid path ...

problems with Java when sending mail

The company has recently upgraded its messaging system, and after the upgrade, mail must be encrypted with a message transmission channel. That is, SSL login.

Normal logins that were previously written will also not be available. Today in the process of modifying the program, there are some problems, and finally smooth out, recorded. how to sign in Normal Login

    <bean id= "MailSender" class= "Org.springframework.mail.javamail.JavaMailSenderImpl" >
        <property name= " Host "value=" ${mail.smtp.host} "/>
        <property name=" javamailproperties ">
            <props>
                < Prop key= "Mail.smtp.auth" >${mail.smtp.auth}</prop>
                <prop key= "Mail.smtp.timeout" >${ mail.smtp.timeout}</prop>
            </props>
        </property>
        <property name= "username" Value= "${mail.smtp.username}"/>
        <property name= "password" value= "${mail.smtp.password}"/>
    </bean>

SSL Login

<bean id= "MailSender" class= "Org.springframework.mail.javamail.JavaMailSenderImpl" > <property "Host" Value= "${mail.smtp.host}"/> <property name= "port" value= "${mail.smtp.port}"/> <property nam
        E= "username" value= "${mail.smtp.username}"/> <property name= "password" value= "${mail.smtp.password}"/> <property name= "Javamailproperties" > <props> <prop key= "Mail.smtp.timeo"
                UT ">${mail.smtp.timeout}</prop> <prop key=" Mail.smtp.auth ">${mail.smtp.auth}</prop> <prop key= "mail.smtp.starttls.enable" >${mail.smtp.starttls.enable}</prop> <p ROP key= "Mail.smtp.socketFactory.port" >${mail.smtp.port}</prop> <prop key= "Mail.smtp.socketFac Tory.class ">javax.net.ssl.SSLSocketFactory</prop> <prop key=" Mail.smtp.socketFactory.fallback "
 >false</prop>           </props> </property> </bean> 

configuration file

#------------------------------------------------------------------------------------#
The configuration of the Mail Service
#------- -----------------------------------------------------------------------------
#服务器
mail.smtp.host= Smtp.abc.com
#端口号, QQ mailbox needs to use SSL, port number 465 or 587, other mailbox default port number:
mail.smtp.port=465
#STARTTLS是对纯文本通信协议的扩展. It provides a way to upgrade a plain text connection to an encrypted connection (TLS or SSL)
mail.smtp.starttls.enable=true
#是否需要验证密码
mail.smtp.auth=true
# Timeout time
mail.smtp.timeout=50000
#---------------------------------------------------------------------- --------------
# Encryption key cannot be given
# The username and password are encrypted and decrypted tools are in the Desutil
#--------------------------------------- ---------------------------------------------
#登陆用户名 I wrote it casually,
mail.smtp.username=. cboch2llydmw2432vyrede4tjvjrstamcoe123111
#密码 QQ for authorization code 111111 I wrote it casually
mail.smtp.password= avq5jebimunr5f4wcllzza==

problems encountered after changing to SSL

Mail Server connection failed; Nested exception is javax.mail.MessagingException:Could not connect to SMTP host:smtp.abc.com, port:465;

Nested exception is:
Javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX path Building failed:sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to Requested target. Failed messages:javax.mail.MessagingException:Could not connect to SMTP host:smtp.abc.com, port:465;

Nested exception is:
Javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX path Building failed:sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to Requested target

Error: Could not connect to SMTP host:smtp.abc.com, port:465 PKIX Path building failed unable to find valid Path to requested target

where 1 and 2 are caused by 3.

Now the problem is to solve

Unable to find valid certification path to requested target

There are two kinds of solutions online

1 Installing Digital certificates
2 Generating certificates

I put the company's digital certificate after installation does not solve the problem, using the second method to solve

Reference documents
Http://www.tuicool.com/articles/zUjiIb

One of the articles in this article needs to be noticed in the mail system
URL needs to add port number

See the following message to indicate that the certificate was successfully generated

It's OK to copy the generated jssecacerts file to the%java_honme%\jre\lib\security\ directory.

attached Installcert.java

* * Copyright 2006 Sun Microsystems, Inc.
 All Rights Reserved. * Redistribution and use in source and binary forms, with or without * modification, are permitted provided the F ollowing conditions * are met: * Redistributions of source code must retain the above copyright * Notice, TH
 is list of conditions and the following disclaimer. * *-redistributions in binary form must reproduce the above copyright * Notice, this list of conditions and the
 Following disclaimer in the * documentation and/or other materials provided with the distribution. * *-Neither the name of the Sun Microsystems nor the names of its * contributors may is used to endorse or promote p
 Roducts derived * from this software without specific prior written.  * This SOFTWARE are provided by the COPYRIGHT holders and CONTRIBUTORS "as *" and any EXPRESS OR implied warranties, Including, BUT not LIMITED to, * The implied warranties of merchantability aD FITNESS for A particular * purpose ARE disclaimed. In NO EVENT SHALL the COPYRIGHT OWNER OR * CONTRIBUTORS is liable for any DIRECT, INDIRECT, Incidental, SPECIAL, * exemp Lary, or consequential damages (including, BUT not LIMITED to, * procurement of substitute goods OR SERVICES; LOSS of Use, DATA, OR * profits;  OR BUSINESS interruption) HOWEVER caused and on no theory of * liability, WHETHER in CONTRACT, STRICT liability, or TORT (including * negligence OR otherwise)
 Arising in no WAY out of the use of this * SOFTWARE, even IF advised of the possibility of SUCH DAMAGE.
* * Import Java.io.BufferedReader;
Import Java.io.File;
Import Java.io.FileInputStream;
Import Java.io.FileOutputStream;
Import Java.io.InputStream;
Import Java.io.InputStreamReader;
Import Java.io.OutputStream;
Import Java.security.KeyStore;
Import Java.security.MessageDigest;
Import java.security.cert.CertificateException;

Import Java.security.cert.X509Certificate;
Import Javax.net.ssl.SSLContext; ImporT javax.net.ssl.SSLException;
Import Javax.net.ssl.SSLSocket;
Import Javax.net.ssl.SSLSocketFactory;
Import Javax.net.ssl.TrustManager;
Import Javax.net.ssl.TrustManagerFactory;

Import Javax.net.ssl.X509TrustManager;
        public class Installcert {public static void main (string[] args) throws Exception {String host;
        int port;
        Char[] Passphrase; if ((args.length = 1) | | (Args.length = 2))
            {string[] c = Args[0].split (":");
            host = C[0]; Port = (C.length = 1)?
            443:integer.parseint (c[1]); String p = (args.length = 1)?
            "Changeit": args[1];
        Passphrase = P.tochararray ();
            else {System.out. println ("Usage:java installcert  
Attention 
You cannot copy the Jssecacerts files generated on your computer to the server, and if the copy does not work, it will still be an error.
The server must compile Installcert.java to generate jssecacerts files. Reference Documents

1. Resolve PKIX Problem: Unable to find valid certification path to requested target

2.Java Email-QQ server Authentication (A secure connection is requiered (such as SSL))