# IMAP über SSL



## TimmyO (21. Jun 2007)

Hallo!

Ich habe einen Mail-Account bei einem Server mit SSL.
Die Verbindung funktioniert allerdings nicht.


```
package mail.protocol;

import java.io.*;
import java.util.*;
import javax.mail.*;
import mail.util.*;
import com.sun.mail.imap.*;

public class IMAP implements GetProtocol
{
	public static final int PLAIN = 0;
	public static final int SSL = 1;
	
	private Session imap4session;
	private Store imap4store;
	private Folder imap4folder;
	
	private String host;
	private String user;
	private String password;
	private int type = 0;
	
	public IMAP(String host, String user, String password) throws NoSuchProviderException, MessagingException
	{
		this.host = host;
		this.user = user;
		this.password = password;
		
		this.imap4session = Session.getDefaultInstance(new Properties());
		this.imap4store = this.imap4session.getStore("imap");
		this.imap4store.connect(this.host, this.user, this.password);
		this.imap4folder = this.imap4store.getFolder("INBOX");
		this.imap4folder.open(Folder.READ_ONLY);
	}
	
	public IMAP(String host, String user, String password, int type) throws NoSuchProviderException, MessagingException
	{
		this.host = host;
		this.user = user;
		this.password = password;
		this.type = type;
		
		if(this.type == IMAP.SSL)
		{
			this.imap4session = Session.getDefaultInstance(new Properties());
			this.imap4store = new IMAPSSLStore(this.imap4session, new URLName(this.host));
			this.imap4store.connect(this.host, this.user, this.password);
			this.imap4folder = this.imap4store.getFolder("INBOX");
			this.imap4folder.open(Folder.READ_ONLY);
		}
		else
		{
			this.imap4session = Session.getDefaultInstance(new Properties());
			this.imap4store = this.imap4session.getStore("imap");
			this.imap4store.connect(this.host, this.user, this.password);
			this.imap4folder = this.imap4store.getFolder("INBOX");
			this.imap4folder.open(Folder.READ_ONLY);
		}
	}
	
	public void close() throws MessagingException
	{
		this.imap4folder.close(true);
		this.imap4store.close();
	}
}
```

Fehlermeldung:

```
javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
  nested exception is:
	javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:479)
	at javax.mail.Service.connect(Service.java:275)
	at javax.mail.Service.connect(Service.java:156)
	at mail.protocol.IMAP.<init>(IMAP.java:72)
	at test.TestIMAP.main(TestIMAP.java:14)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
	at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
	at com.sun.mail.util.TraceInputStream.read(TraceInputStream.java:97)
	at java.io.BufferedInputStream.fill(Unknown Source)
	at java.io.BufferedInputStream.read(Unknown Source)
	at com.sun.mail.iap.ResponseInputStream.read0(ResponseInputStream.java:81)
	at com.sun.mail.iap.ResponseInputStream.readResponse(ResponseInputStream.java:67)
	at com.sun.mail.iap.Response.<init>(Response.java:83)
	at com.sun.mail.imap.protocol.IMAPResponse.<init>(IMAPResponse.java:48)
	at com.sun.mail.imap.protocol.IMAPResponse.readResponse(IMAPResponse.java:122)
	at com.sun.mail.imap.protocol.IMAPProtocol.readResponse(IMAPProtocol.java:230)
	at com.sun.mail.iap.Protocol.<init>(Protocol.java:91)
	at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:87)
	at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:446)
	... 4 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
	at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
	at sun.security.validator.Validator.validate(Unknown Source)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
	... 24 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
	at java.security.cert.CertPathBuilder.build(Unknown Source)
	... 30 more
```

Was ist das Problem? Habe davor noch nie Java+SSL ausprobiert.
Ich bitte um Lösungsansätze.

Lg


----------



## TimmyO (6. Jul 2007)

Ich pushe mein Problem mal!

Habe selbst noch immer keine Lösung gefunden.
Von euch auch niemand (nicht mal einen dieser berühmten "anstrengenden" Links)  ???:L 

Lg,
TimmyO


----------



## Murray (6. Jul 2007)

Sieht so aus, als fehlte das Zertifikat in deinem Truststore.


----------



## TimmyO (9. Jul 2007)

Murray hat gesagt.:
			
		

> Sieht so aus, als fehlte das Zertifikat in deinem Truststore.



Hallo Murray!

Jetzt hab ich wenigstens mal eine Antwort (=Ansatzpunkt).
Wenn ich wieder zuhause bin schau ich mir mal an was so ein "Truststore" ist.
Außer du willst es mir erklären.  :wink: 

Andererseits brauche ich Programmen wie z. B. outlook als User kein Zertifikat "geben". Also muss ich dieses auch irgendwie aus Java bekommen.
Wie funktioniert das?

hoffe auf eine weitere Antwort.

Lg,
TimmyO


----------

