I have a mule flow that needs to send a smtps message to a greenmail server.
The mule flow uses the smtps connector with configure keystore and truststore:
<smtps:connector name="SMTPS_Connector" validateConnections="true" doc:name="SMTP">
<smtps:tls-client path="${keystore.path}" storePassword="${keystore.password}"/>
<smtps:tls-trust-store path="${truststore.path}" storePassword="${truststore.password}"/>
</smtps:connector>
My greenmail server is started using default values.
When I invoke my flow to send an email I get the following logs:
In the Mule Log:
ERROR 2017-03-17 19:33:38,106 [Default_HTTP_Connector.receiver.06] org.mule.exception.DefaultMessagingExceptionStrategy: ******************************************************************************** Message : Unable to connect to mail transport. Code
: MULE_ERROR--2 -------------------------------------------------------------------------------- Exception stack is: 1. No trusted certificate found (sun.security.validator.ValidatorException)
sun.security.validator.SimpleValidator:396 (null) 2. sun.security.validator.ValidatorException: No trusted certificate found (javax.net.ssl.SSLHandshakeException)
sun.security.ssl.Alerts:192 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeException.html) 3. Could not connect to SMTP host: localhost, port: 3465 (javax.mail.MessagingException) com.sun.mail.smtp.SMTPTransport:1706 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/mail/MessagingException.html) 4. Unable to connect to mail transport. (org.mule.api.endpoint.EndpointException)
org.mule.transport.email.SmtpMessageDispatcher:67 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/endpoint/EndpointException.html) -------------------------------------------------------------------------------- Root Exception stack trace: sun.security.validator.ValidatorException: No trusted certificate found at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:396) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:134) at sun.security.validator.Validator.validate(Validator.java:260) + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
In the Greenmail Server log:
ERROR 2017-03-17 19:33:38,086 [smtps:localhost:3465<-/127.0.0.1:27671] com.icegreen.greenmail.smtp.SmtpHandler: Unexpected error handling connection, quitting= javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1508) at sun.security.ssl.AppInputStream.read(AppInputStream.java:92) at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283) at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325) at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177) at java.io.InputStreamReader.read(InputStreamReader.java:184) at java.io.BufferedReader.fill(BufferedReader.java:154) at java.io.BufferedReader.readLine(BufferedReader.java:317) at java.io.BufferedReader.readLine(BufferedReader.java:382) at com.icegreen.greenmail.smtp.SmtpConnection.receiveLine(SmtpConnection.java:57) at com.icegreen.greenmail.smtp.SmtpHandler.handleCommand(SmtpHandler.java:82) at com.icegreen.greenmail.smtp.SmtpHandler.run(SmtpHandler.java:56) at com.icegreen.greenmail.server.AbstractServer$1.run(AbstractServer.java:163) at java.lang.Thread.run(Thread.java:745) Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1991) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1098) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:721) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122) at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221) at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291) at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295) at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141) at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229) at java.io.PrintWriter.flush(PrintWriter.java:320) at com.icegreen.greenmail.util.InternetPrintWriter.println(InternetPrintWriter.java:91) at com.icegreen.greenmail.util.InternetPrintWriter.println(InternetPrintWriter.java:196) at com.icegreen.greenmail.smtp.SmtpConnection.send(SmtpConnection.java:48) at com.icegreen.greenmail.smtp.SmtpHandler.sendGreetings(SmtpHandler.java:76) at com.icegreen.greenmail.smtp.SmtpHandler.run(SmtpHandler.java:53) ... 2 more
Is seems that I need to specify a keystore on my Greenmail server but I can't find a way to do it.
I tried placing a greenmail.jks with password 'changeit' in the classpath but it is giving me this error on start up:
ERROR 2017-03-17 17:42:24,185 [smtps:localhost:3465] com.icegreen.greenmail.util.DummySSLServerSocketFactory: Can not create and initialize SSL java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:328) at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138) at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55) at java.security.KeyStore.getKey(KeyStore.java:804) at sun.security.ssl.SunX509KeyManagerImpl.(SunX509KeyManagerImpl.java:131) at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:68) at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:259) at com.icegreen.greenmail.util.DummySSLServerSocketFactory.(DummySSLServerSocketFactory.java:56) at com.icegreen.greenmail.util.DummySSLServerSocketFactory.getDefault(DummySSLServerSocketFactory.java:87) at com.icegreen.greenmail.server.AbstractServer.openServerSocket(AbstractServer.java:63) at com.icegreen.greenmail.server.AbstractServer.initServerSocket(AbstractServer.java:115) at com.icegreen.greenmail.server.AbstractServer.run(AbstractServer.java:86) Exception in thread "smtps:localhost:3465" java.lang.IllegalStateException: Can not create and initialize SSL at com.icegreen.greenmail.util.DummySSLServerSocketFactory.(DummySSLServerSocketFactory.java:65) at com.icegreen.greenmail.util.DummySSLServerSocketFactory.getDefault(DummySSLServerSocketFactory.java:87) at com.icegreen.greenmail.server.AbstractServer.openServerSocket(AbstractServer.java:63) at com.icegreen.greenmail.server.AbstractServer.initServerSocket(AbstractServer.java:115) at com.icegreen.greenmail.server.AbstractServer.run(AbstractServer.java:86) Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:328) at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138) at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55) at java.security.KeyStore.getKey(KeyStore.java:804) at sun.security.ssl.SunX509KeyManagerImpl.(SunX509KeyManagerImpl.java:131) at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:68) at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:259) at com.icegreen.greenmail.util.DummySSLServerSocketFactory.(DummySSLServerSocketFactory.java:56)
To solve this, I had to change all the passwords (keystore, keys) to greenmail's default password. Currently, I am unable to change the socket factory being used so I could not change the greenmail password since it is hardcoded in the socket factory.