Java Mail: SSLHandshakeException when sending email on port 25 without SSL

Question

Although I'm trying to send an email on port 25 without SSL, I'm getting an SSLHandshakeException. Below you can see debug messages printed by javax.mail.Session and the SSLHandshakeException.

Can you help me understand what's going on?

22 Dec 2009 15:13:21,054  INFO root:197 - DEBUG: setDebug: JavaMail version 1.4ea
22 Dec 2009 15:13:21,059  INFO root:197 - DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc]
22 Dec 2009 15:13:21,103  INFO root:197 - DEBUG SMTP: useEhlo true, useAuth false
22 Dec 2009 15:13:21,103  INFO root:197 - DEBUG SMTP: trying to connect to host "mail.abcdef.com", port 25, isSSL false
22 Dec 2009 15:13:21,338  INFO root:197 - 220 mail.uvwxyz.com ESMTP abcdef Mail Server v8.0; Tue, 22 Dec 2009 15:12:10 -0700
22 Dec 2009 15:13:21,338  INFO root:197 - DEBUG SMTP: connected to host "mail.abcdef.com", port: 25
22 Dec 2009 15:13:21,342  INFO root:197 - EHLO fsb160
22 Dec 2009 15:13:21,383  INFO root:197 - 250-mail.uvwxyz.com Hello fsb160 [65.124.157.54], pleased to meet you.
250-ENHANCEDSTATUSCODES
250-SIZE
250-EXPN
250-ETRN
250-ATRN
250-DSN
250-CHECKPOINT
250-8BITMIME
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250-AUTH=LOGIN
250-STARTTLS
250 HELP
22 Dec 2009 15:13:21,383  INFO root:197 - DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
22 Dec 2009 15:13:21,383  INFO root:197 - DEBUG SMTP: Found extension "SIZE", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "EXPN", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "ETRN", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "ATRN", arg ""
22 Dec 2009 15:13:21,384  INFO root:197 - DEBUG SMTP: Found extension "DSN", arg ""
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "CHECKPOINT", arg ""
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "8BITMIME", arg ""
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "AUTH", arg "CRAM-MD5 DIGEST-MD5 LOGIN PLAIN"
22 Dec 2009 15:13:21,385  INFO root:197 - DEBUG SMTP: Found extension "AUTH=LOGIN", arg ""
22 Dec 2009 15:13:21,386  INFO root:197 - DEBUG SMTP: Found extension "STARTTLS", arg ""
22 Dec 2009 15:13:21,386  INFO root:197 - DEBUG SMTP: Found extension "HELP", arg ""
22 Dec 2009 15:13:21,389  INFO root:197 - STARTTLS
22 Dec 2009 15:13:21,430  INFO root:197 - 220 2.0.0 Ready to start TLS
22 Dec 2009 15:13:21,809  INFO root:197 - EHLO fsb160
22 Dec 2009 15:13:21,886  WARN E:314 - Failed to send email
javax.mail.MessagingException: Can't send command to SMTP host;
  nested exception is:
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1420)
    at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1408)
    at com.sun.mail.smtp.SMTPTransport.ehlo(SMTPTransport.java:847)
    at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:384)
    at javax.mail.Service.connect(Service.java:275)
    at javax.mail.Service.connect(Service.java:156)
    at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
    at com.sun.mail.util.TraceOutputStream.write(TraceOutputStream.java:101)
    at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
    at java.io.BufferedOutputStream.flush(Unknown Source)
    at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1418)
    ... 7 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
    at sun.security.validator.Validator.validate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    ... 19 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
    at java.security.cert.CertPathBuilder.build(Unknown Source)
    ... 25 more

The code used to create the session and to connect to the server:

Session session = EmailUtilities.createSession(smtpServer, smtpPort, smtpSSL, smtpAuthentication);

Transport transport = session.getTransport();
transport.connect(smtpServer, smtpUser, smtpPassword);

try {
    MimeMessage message = EmailUtilities.createMessage(Main.APPLICATION_NAME + " " + Main.APPLICATION_VERSION, session, to, from, subject, body, attachmentName, attachment, "application/pdf");
    transport.sendMessage(message, message.getAllRecipients());
} catch (Exception e) {
    throw new Exception(e);
} finally {
    transport.close();
}


public static Session createSession(String smtpServer, Integer smtpPort, boolean ssl, boolean authenticate) {
    String protocol = "smtp"; //$NON-NLS-1$
    if (ssl) {
    protocol = "smtps"; //$NON-NLS-1$
    }

    // -- Attaching to default Session, or we could start a new one --
    Properties props = new Properties();
    props.put("mail.transport.protocol", protocol);
    props.put("mail." + protocol + ".host", smtpServer);
    props.put("mail." + protocol + ".port", smtpPort.toString());
    props.put("mail." + protocol + ".starttls.enable", Boolean.TRUE.toString());

    if (authenticate) {
        props.put("mail." + protocol + ".auth", Boolean.TRUE.toString());
    }

    Session session = Session.getDefaultInstance(props, null);
    session.setDebug(true);

    return session;
}

It would also help to know which JavaMail implementation and version you are using. — Jim Garrison, Dec 22 '09 at 23:32
@notnoop I've just updated the question with the code I use to create the session and to connect to the server. @Jim I'm using Java Mail 1.4. — Nicu, Dec 23 '09 at 07:42

score 6 · Accepted Answer · edited Dec 22 '09 at 23:36

6

Make sure you haven't enabled starttls in your properties (mail.smtp.starttls.enable=true)

edited Dec 22 '09 at 23:36

Bozho

588,226
146
1,060
1,140

answered Dec 22 '09 at 23:34

Jim Garrison

85,615
20
155
190

score 1 · Answer 2 · answered Nov 15 '22 at 11:08

1

As explained in this page, the TLS 1.0 and TLS 1.1 has been disabled in JDK 8 or 11, try the solutions and let me know if it works.

answered Nov 15 '22 at 11:08

Karan

11
2

Java Mail: SSLHandshakeException when sending email on port 25 without SSL

2 Answers2

Linked