'How to fix javax.net.ssl.SSLHandshakeException even though i have already added the certificate
I am working on a script to control my lights and because I'm lazy the communication is via email (works decently fast I know because it used to run on python but I'm writing it in java for some separate reasons) know the issue is I keep getting a javax.net.ssl.SSLHandshakeException
error and I tried this overflow page but even though I added the trusted certificate it doesn't work and I keep getting the same error the following is my code, the full error, and a picture showing I have the certificate added
import java.util.Properties;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.Session;
import javax.mail.Store;
public class test {
public static void check(String host, String storeType, String user,
String password)
{
try {
//create properties field
Properties properties = new Properties();
properties.put("mail.pop3.host", host);
properties.put("mail.pop3.port", "995");
properties.put("mail.pop3.starttls.enable", "true");
Session emailSession = Session.getDefaultInstance(properties);
//create the POP3 store object and connect with the pop server
Store store = emailSession.getStore("pop3s");
store.connect(host, user, password);
//create the folder object and open it
Folder emailFolder = store.getFolder("INBOX");
emailFolder.open(Folder.READ_ONLY);
// retrieve the messages from the folder in an array and print it
Message[] messages = emailFolder.getMessages();
System.out.println("messages.length---" + messages.length);
for (int i = 0, n = messages.length; i < n; i++) {
Message message = messages[i];
System.out.println("---------------------------------");
System.out.println("Email Number " + (i + 1));
System.out.println("Subject: " + message.getSubject());
System.out.println("From: " + message.getFrom()[0]);
System.out.println("Text: " + message.getContent().toString());
}
//close the store and folder objects
emailFolder.close(false);
store.close();
} catch (NoSuchProviderException e) {
e.printStackTrace();
} catch (MessagingException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
public static void main(String[] args) {
String host = "pop.gmail.com";// change accordingly
String mailStoreType = "pop3";
String username = "EMAIL";// change accordingly
String password = "PASSWORD";// change accordingly
check(host, mailStoreType, username, password);
}
}
Error
javax.mail.MessagingException: Connect failed;
nested exception is:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:160)
at javax.mail.Service.connect(Service.java:291)
at javax.mail.Service.connect(Service.java:172)
at test.check(test.java:28)
at test.main(test.java:68)
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:172)
at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:238)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:434)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:904)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:995)
at java.base/java.io.BufferedInputStream.fill(BufferedInputStream.java:244)
at java.base/java.io.BufferedInputStream.read(BufferedInputStream.java:263)
at java.base/java.io.DataInputStream.readLine(DataInputStream.java:519)
at com.sun.mail.pop3.Protocol.simpleCommand(Protocol.java:359)
at com.sun.mail.pop3.Protocol.<init>(Protocol.java:101)
at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java:213)
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:156)
... 4 more
Process finished with exit code 0
Java.Security
This is the error when you delete TLS1 and leave TSL 1.1
Exception in thread "main" java.lang.NoClassDefFoundError: javax/activation/DataSource
at com.sun.mail.pop3.POP3Folder.createMessage(POP3Folder.java:326)
at com.sun.mail.pop3.POP3Folder.getMessage(POP3Folder.java:307)
at javax.mail.Folder.getMessages(Folder.java:943)
at test.check(test.java:35)
at test.main(test.java:68)
Caused by: java.lang.ClassNotFoundException: javax.activation.DataSource
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:636)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:182)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:519)
... 5 more
Solution 1:[1]
The issue is a couple of things first to fix the javax.net.ssl.SSLHandshakeException
error you have to remove TLSV1
from the java.security file like harry was explaining above. Then you have to add the activation.jar file to your dependencies and it will work. If this didn't work try to follow these instructions
Solution 2:[2]
As per the logs, the issue at this stage is not related with not the missing certificate on the client side which required for the validation of server identity. In your case, the problem with either protocol or mismatch of ciper suite required in the process of SSL handshake.
No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
As I can see you're using the latest version of java in which the support for older version of TLS protocol such as TLSv1
and TLSv1.1
has been disabled by default, so you can enable them by removing the diabled one from jdk.tls.disabledAlgorithms
security property in the java.security
configuration file.
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA,
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL
For older version of Java one can find the security file in
JAVA_HOME/jre/lib/security/java.security
For specific to newer version and Java 16
JAVA_HOME/conf/security
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | |
Solution 2 |