0
votes

I am facing below exception when trying to send mail from Java mail API : javax.mail.MessagingException: Can't send command to SMTP host; nested exception is: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error

Below is my Java code. This same code is working fine on my local system. When I publish web application on tomcat server but same code is not working .When I deploy this on IBM WebSphere Application Server.

It shows above exception,

public static void sendMail(String toMailIds,String subject,String htmlMsg){
        String[] recipientList = toMailIds.split(",");
        InternetAddress[] recipientAddress = new InternetAddress[recipientList.length];
        int counter = 0;
        for (String recipient1 : recipientList) {
            try {
                recipientAddress[counter] = new InternetAddress(recipient1.trim());
            } catch (AddressException e) {
                e.printStackTrace();
            }
            counter++;
        }

    // Sender's email ID needs to be mentioned
    String from = "[email protected]";
    final String username = "[email protected]";//change accordingly
    final String password ="password`enter code here`";//change accordingly

    String host = "smtp.office365.com";
    Properties props = new Properties();
    props.put("mail.smtp.starttls.enable", "true");
    props.put("mail.smtp.host", host);
    props.put("mail.smtp.auth", "true");
    props.put("mail.smtp.ssl.trust", host);
   // props.put("mail.smtp.ssl.enable", "true");
    props.put("mail.smtp.port", "587");
    props.put("mail.smtp.debug", "true");
    props.put("mail.smtp.user", username);



// Get the Session object.
    Session session = Session.getInstance(props,
       new javax.mail.Authenticator() {
          protected PasswordAuthentication getPasswordAuthentication() {
             return new PasswordAuthentication(username, password);
                 }
       });

    try {
               Transport tr = session.getTransport("smtp");
               tr.connect();
               System.out.println("Validating email finished");
                 // Create a default MimeMessage object.
                 Message message = new MimeMessage(session);

                 // Set From: header field of the header.
                 message.setFrom(new InternetAddress(from));

                 // Set To: header field of the header.
                 message.setRecipients(Message.RecipientType.TO, recipientAddress);

                 // Set Subject: header field
                 message.setSubject(subject);

                 // HTML TEXT
                 message.setContent(htmlMsg, "text/html");


                 // Send message
                 Transport.send(message);

                 System.out.println("Sent message successfully....");

    } catch (Exception e) {
        System.out.println("Exception--------------------"+e);
       throw new RuntimeException(e);
    }       

                // TODO Auto-generated constructor stub
}`
1

1 Answers

2
votes

See the exception:

The certificate issued by CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE is not trusted; 

You connect to your SMTP server using SSL. You have to put SMTP server certificates in to WebSphere Application Truststore for it to be able to establish connection. Your Tomcat server is using different JDK and thus different truststore.

See other posts how to add signer certificate to truststore in WAS.

Second consideration is that you should use MailSession in WAS, instead of hard coding all mail server data in your code. That is recommended way to get mail sessions in Java EE applications.

If you don't want to develop on full WAS, then you should use WebSphere Liberty profile for development instead of Tomcat. It is as lightweight as Tomcat in startup times and memory footprint, and already has libraries included in WAS, so you dont have to add third party libs.