Java Mail: SSLHandshakeException when sending email on port 25 without SSL

java smtp jakarta-mail sslhandshakeexception

15,275

Make sure you haven't enabled starttls in your properties (mail.smtp.starttls.enable=true)

15,275

Author by

kyle belle

Updated on June 05, 2022

Comments

kyle belle almost 2 years

Although I'm trying to send an email on port 25 without SSL, I'm getting an SSLHandshakeException. Below you can see debug messages printed by javax.mail.Session and the SSLHandshakeException.

Can you help me understand what's going on?

22 Dec 2009 15:13:21,054  INFO root:197 - DEBUG: setDebug: JavaMail version 1.4ea
22 Dec 2009 15:13:21,059  INFO root:197 - DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc]
22 Dec 2009 15:13:21,103  INFO root:197 - DEBUG SMTP: useEhlo true, useAuth false
22 Dec 2009 15:13:21,103  INFO root:197 - DEBUG SMTP: trying to connect to host "mail.abcdef.com", port 25, isSSL false
22 Dec 2009 15:13:21,338  INFO root:197 - 220 mail.uvwxyz.com ESMTP abcdef Mail Server v8.0; Tue, 22 Dec 2009 15:12:10 -0700
22 Dec 2009 15:13:21,338  INFO root:197 - DEBUG SMTP: connected to host "mail.abcdef.com", port: 25
22 Dec 2009 15:13:21,342  INFO root:197 - EHLO fsb160
22 Dec 2009 15:13:21,383  INFO root:197 - 250-mail.uvwxyz.com Hello fsb160 [65.124.157.54], pleased to meet you.
250-ENHANCEDSTATUSCODES
250-SIZE
250-EXPN
250-ETRN
250-ATRN
250-DSN
250-CHECKPOINT
250-8BITMIME
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250-AUTH=LOGIN
250-STARTTLS
250 HELP
22 Dec 2009 15:13:21,383  INFO root:197 - DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
22 Dec 2009 15:13:21,383  INFO root:197 - DEBUG SMTP: Found extension "SIZE", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "EXPN", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "ETRN", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "ATRN", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "DSN", arg ""
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "CHECKPOINT", arg ""
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "8BITMIME", arg ""
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "AUTH", arg "CRAM-MD5 DIGEST-MD5 LOGIN PLAIN"
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "AUTH=LOGIN", arg ""
22 Dec 2009 15:13:21,386  INFO root:197 - DEBUG SMTP: Found extension "STARTTLS", arg ""
22 Dec 2009 15:13:21,386  INFO root:197 - DEBUG SMTP: Found extension "HELP", arg ""
22 Dec 2009 15:13:21,389  INFO root:197 - STARTTLS
22 Dec 2009 15:13:21,430  INFO root:197 - 220 2.0.0 Ready to start TLS
22 Dec 2009 15:13:21,809  INFO root:197 - EHLO fsb160
22 Dec 2009 15:13:21,886  WARN E:314 - Failed to send email
javax.mail.MessagingException: Can't send command to SMTP host;
  nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1420)
    at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1408)
    at com.sun.mail.smtp.SMTPTransport.ehlo(SMTPTransport.java:847)
    at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:384)
    at javax.mail.Service.connect(Service.java:275)
    at javax.mail.Service.connect(Service.java:156)
    at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
    at com.sun.mail.util.TraceOutputStream.write(TraceOutputStream.java:101)
    at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
    at java.io.BufferedOutputStream.flush(Unknown Source)
    at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1418)
    ... 7 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
    at sun.security.validator.Validator.validate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    ... 19 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
    at java.security.cert.CertPathBuilder.build(Unknown Source)
    ... 25 more

The code used to create the session and to connect to the server:

Session session = EmailUtilities.createSession(smtpServer, smtpPort, smtpSSL, smtpAuthentication);

Transport transport = session.getTransport();
transport.connect(smtpServer, smtpUser, smtpPassword);

try {
    MimeMessage message = EmailUtilities.createMessage(Main.APPLICATION_NAME + " " + Main.APPLICATION_VERSION, session, to, from, subject, body, attachmentName, attachment, "application/pdf");
    transport.sendMessage(message, message.getAllRecipients());
} catch (Exception e) {
    throw new Exception(e);
} finally {
    transport.close();
}


public static Session createSession(String smtpServer, Integer smtpPort, boolean ssl, boolean authenticate) {
    String protocol = "smtp"; //$NON-NLS-1$
    if (ssl) {
    protocol = "smtps"; //$NON-NLS-1$
    }

    // -- Attaching to default Session, or we could start a new one --
    Properties props = new Properties();
    props.put("mail.transport.protocol", protocol);
    props.put("mail." + protocol + ".host", smtpServer);
    props.put("mail." + protocol + ".port", smtpPort.toString());
    props.put("mail." + protocol + ".starttls.enable", Boolean.TRUE.toString());

    if (authenticate) {
        props.put("mail." + protocol + ".auth", Boolean.TRUE.toString());
    }

    Session session = Session.getDefaultInstance(props, null);
    session.setDebug(true);

    return session;
}