Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to greenmail 2.1.1 #490

Open
DavidWhitlock opened this issue Nov 28, 2024 · 0 comments
Open

Upgrade to greenmail 2.1.1 #490

DavidWhitlock opened this issue Nov 28, 2024 · 0 comments

Comments

@DavidWhitlock
Copy link
Collaborator

DavidWhitlock commented Nov 28, 2024

Something changed between greenmail 2.0.1 and 2.1.1 related to how the SMTP/IMAPS certificates are handled. Per greenmail-mail-test/greenmail#163, I changed how the Greenmail server and the IMAPS client connection were created. However, the client fails because the self-signed certificate doesn't have a subject alternate name present for localhost.

	javax.net.ssl.SSLHandshakeException: No subject alternative names present
	at org.eclipse.angus.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:734)
	at jakarta.mail.Service.connect(Service.java:342)
	at edu.pdx.cs.joy.grader.GreenmailIntegrationTestCase.connectToIMAPServer(GreenmailIntegrationTestCase.java:94)
	at edu.pdx.cs.joy.grader.SendAndReceiveMultipartWithGreenmailIT.fetchAttachmentsFromUnreadMessagesInFolder(SendAndReceiveMultipartWithGreenmailIT.java:44)
	at edu.pdx.cs.joy.grader.SendAndReceiveMultipartWithGreenmailIT.sendAndFetchMailMessageWithMultipleAttachments(SendAndReceiveMultipartWithGreenmailIT.java:40)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative names present
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:371)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
	at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
	at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1500)
	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1415)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421)
	at org.eclipse.angus.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:662)
	at org.eclipse.angus.mail.util.SocketFetcher.createSocket(SocketFetcher.java:409)
	at org.eclipse.angus.mail.util.SocketFetcher.getSocket(SocketFetcher.java:243)
	at org.eclipse.angus.mail.iap.Protocol.<init>(Protocol.java:117)
	at org.eclipse.angus.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:132)
	at org.eclipse.angus.mail.imap.IMAPStore.newIMAPProtocol(IMAPStore.java:755)
	at org.eclipse.angus.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:690)
	... 7 more
Caused by: java.security.cert.CertificateException: No subject alternative names present
	at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
	at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:456)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:426)
	at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:1475)
	at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)

I spent a while trying to debug it, but I couldn't figure out how to 1) enable a subject alternate name or 2) disable this checking.

I need to investigate this more at a later time.

See https://github.com/JoyOfCodingPDX/JoyOfCoding/tree/issue-490/upgrade-greenmail-to-2.1.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant