Java EE (Java Enterprise Edition) General Discussion

Authenticated Client Handshake SMTP STARTTLS

843834Oct 9 2008 — edited Oct 9 2008
Hi,

Can someone help me? I'm trying to send a client certificate to my Postfix server.

With Wireshark (Ethereal), I can see:
* the STARTTLS request and reply
* the presentation of the server certificate
After that, the Postfix server closes the connection because of "No client certificate presented".

My "gestionnaire.absence.p12" is a certificate created with YaST (key 1024), including:
- Digital signature
- Non repudiation
- Key encipherment
- Key agreement
- Certificate sign

I've also used the keytool command to include the CA certificates.

If I deactivate "smtpd_tls_requert_cert = true" in Postfix, there is no problem. But that's not a solution for me.

Thanks.

ps: sorry for my English.


********** code and debug ************


try {
    Properties props = new Properties();
    props = System.getProperties();
    props.put("mail.smtp.host", "mail.info1.fr");
    props.put("mail.smtp.port", 25);
    props.put("mail.smtp.debug", "true");
    props.put("mail.smtp.auth", "true");
    props.put("mail.smtp.auth.plain.disable", "true");
    props.put("mail.transport.protocol", "smtp");

    props.put("mail.from", "gestionnaire.absence@info1.fr");

    // Load the client certificate and private key from the PKCS#12 file
    KeyManagerFactory mgrFact = KeyManagerFactory.getInstance("SunX509");
    KeyStore clientStore = KeyStore.getInstance("PKCS12");
    clientStore.load(new FileInputStream("/root/gestionnaire.absence.p12"), "azerty".toCharArray());

    mgrFact.init(clientStore, "azerty".toCharArray());

    SSLContext sslContext = SSLContext.getInstance("TLS");

    sslContext.init(mgrFact.getKeyManagers(), null, null);

    SSLSocketFactory fact = sslContext.getSocketFactory();

    props.put("mail.smtp.socketFactory.port", 25);

    /*
     * So here:
     * props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
     * bug: I can't receive the server certificate. The connection closes at the beginning.
     */

    props.put("mail.smtp.socketFactory.class", fact);
    props.put("mail.smtp.socketFactory.fallback", "false");

    props.put("mail.smtp.starttls.enable", "true");

    System.setProperty("javax.net.debug", "ssl,handshake");

    Authenticator auth = new SMTPAuthenticator();
    Session session = Session.getDefaultInstance(props, auth);

    // MIME message
    MimeMessage message = new MimeMessage(session);

    message.setFrom(new InternetAddress("gestionnaire.absence@info1.fr"));

    message.addRecipient(MimeMessage.RecipientType.TO, new InternetAddress("mr.xyz@info1.fr"));
    message.setSubject("SUJET TEST");
    message.setText("message de test");

    // Send
    session.setDebug(true);

    Transport.send(message);
}
catch (Exception ae) {
    //log.error(" Erreur création / envoie d'un nouveau message ! ");
    //log.error("Unexpected exception", ae);
}


********************************************************************************************

Console DEBUG:

DEBUG: setDebug: JavaMail version 1.4.1
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc]
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "mail.info1.fr", port 25, isSSL false
220 Veuillez vous deconnecter si vous n'etes pas autorise.
DEBUG SMTP: connected to host "mail.info1.fr", port: 25

EHLO mail
250-mail.info1.fr
250-PIPELINING
250-SIZE 5242880
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "SIZE", arg "5242880"
DEBUG SMTP: Found extension "ETRN", arg ""
DEBUG SMTP: Found extension "STARTTLS", arg ""
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Found extension "DSN", arg ""
STARTTLS
220 2.0.0 Ready to start TLS
EHLO mail


421 4.7.1 mail.info1.fr Error: No client certificate presented



DEBUG SMTP: use8bit false
MAIL FROM:<gestionnaire.absence@info1.fr>
DEBUG SMTP: EOF: [EOF]
DEBUG SMTP: got response code -1, with response: [EOF]
RSET
javax.mail.MessagingException: Can't send command to SMTP host;
nested exception is:
java.net.SocketException: Connection closed by remote host

and a lot more exceptions
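
One way to get the client key into the STARTTLS handshake, as an added example that is not part of the original post: the socket factory is handed over as an object under `mail.smtp.ssl.socketFactory`, since `mail.smtp.socketFactory.class` is documented as a class name string. It assumes a JavaMail release that supports that property; the class name `ClientCertStartTls`, the host `mail.example.test` and the `P12_PASSWORD` environment variable are placeholders.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Properties;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;

public class ClientCertStartTls {
    // Build a socket factory whose key manager can answer the server's CertificateRequest.
    static SSLSocketFactory clientCertFactory(String p12Path, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(p12Path)) {
            store.load(in, password);
        }
        // A .p12 without a private-key entry gives the key manager nothing to present.
        boolean hasKey = false;
        for (String alias : Collections.list(store.aliases())) {
            hasKey |= store.isKeyEntry(alias);
        }
        if (!hasKey) {
            throw new IllegalStateException("no private-key entry in " + p12Path);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(store, password);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // Passing null keeps the JVM's default trust managers, so the server certificate is still validated.
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx.getSocketFactory();
    }

    // Session properties for STARTTLS on port 25 with the factory passed as an object.
    static Properties smtpProps(String host, SSLSocketFactory factory) {
        Properties props = new Properties();
        props.put("mail.smtp.host", host);
        props.put("mail.smtp.port", "25");
        props.put("mail.smtp.starttls.enable", "true");
        // Object-valued key (assumed supported by the JavaMail release in use); set with put().
        props.put("mail.smtp.ssl.socketFactory", factory);
        return props;
    }

    public static void main(String[] args) throws Exception {
        // args[0] = path to the .p12; P12_PASSWORD is a hypothetical variable name.
        char[] password = System.getenv("P12_PASSWORD").toCharArray();
        Properties props = smtpProps("mail.example.test", clientCertFactory(args[0], password));
        // getProperty() returns only String values, so the factory is reachable through get() alone.
        System.out.println("getProperty: " + props.getProperty("mail.smtp.ssl.socketFactory"));
        System.out.println("get:         " + props.get("mail.smtp.ssl.socketFactory").getClass().getName());
    }
}
```

The resulting `Properties` object is what would be passed to `Session.getInstance`; reading the keystore password from the environment keeps it out of the source file.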
Post Details
Locked on Nov 6 2008
Added on Oct 9 2008