'How to fix javax.net.ssl.SSLHandshakeException even though i have already added the certificate

I am working on a script to control my lights and because I'm lazy the communication is via email (works decently fast I know because it used to run on python but I'm writing it in java for some separate reasons) know the issue is I keep getting a javax.net.ssl.SSLHandshakeException error and I tried this overflow page but even though I added the trusted certificate it doesn't work and I keep getting the same error the following is my code, the full error, and a picture showing I have the certificate added

import java.util.Properties;

import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.Session;
import javax.mail.Store;

public class test {

    public static void check(String host, String storeType, String user,
                             String password)
    {
        try {

            //create properties field
            Properties properties = new Properties();

            properties.put("mail.pop3.host", host);
            properties.put("mail.pop3.port", "995");
            properties.put("mail.pop3.starttls.enable", "true");
            Session emailSession = Session.getDefaultInstance(properties);

            //create the POP3 store object and connect with the pop server
            Store store = emailSession.getStore("pop3s");

            store.connect(host, user, password);

            //create the folder object and open it
            Folder emailFolder = store.getFolder("INBOX");
            emailFolder.open(Folder.READ_ONLY);

            // retrieve the messages from the folder in an array and print it
            Message[] messages = emailFolder.getMessages();
            System.out.println("messages.length---" + messages.length);

            for (int i = 0, n = messages.length; i < n; i++) {
                Message message = messages[i];
                System.out.println("---------------------------------");
                System.out.println("Email Number " + (i + 1));
                System.out.println("Subject: " + message.getSubject());
                System.out.println("From: " + message.getFrom()[0]);
                System.out.println("Text: " + message.getContent().toString());

            }

            //close the store and folder objects
            emailFolder.close(false);
            store.close();

        } catch (NoSuchProviderException e) {
            e.printStackTrace();
        } catch (MessagingException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static void main(String[] args) {

        String host = "pop.gmail.com";// change accordingly
        String mailStoreType = "pop3";
        String username = "EMAIL";// change accordingly
        String password = "PASSWORD";// change accordingly

        check(host, mailStoreType, username, password);
    
        }

}

Error

javax.mail.MessagingException: Connect failed;
  nested exception is:
    javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
    at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:160)
    at javax.mail.Service.connect(Service.java:291)
    at javax.mail.Service.connect(Service.java:172)
    at test.check(test.java:28)
    at test.main(test.java:68)
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
    at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:172)
    at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
    at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:238)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:434)
    at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:904)
    at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:995)
    at java.base/java.io.BufferedInputStream.fill(BufferedInputStream.java:244)
    at java.base/java.io.BufferedInputStream.read(BufferedInputStream.java:263)
    at java.base/java.io.DataInputStream.readLine(DataInputStream.java:519)
    at com.sun.mail.pop3.Protocol.simpleCommand(Protocol.java:359)
    at com.sun.mail.pop3.Protocol.<init>(Protocol.java:101)
    at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java:213)
    at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:156)
    ... 4 more

Process finished with exit code 0

Proof i have the certificate added

Java.Security

java Security

This is the error when you delete TLS1 and leave TSL 1.1

Exception in thread "main" java.lang.NoClassDefFoundError: javax/activation/DataSource
    at com.sun.mail.pop3.POP3Folder.createMessage(POP3Folder.java:326)
    at com.sun.mail.pop3.POP3Folder.getMessage(POP3Folder.java:307)
    at javax.mail.Folder.getMessages(Folder.java:943)
    at test.check(test.java:35)
    at test.main(test.java:68)
Caused by: java.lang.ClassNotFoundException: javax.activation.DataSource
    at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:636)
    at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:182)
    at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:519)
    ... 5 more


Solution 1:[1]

The issue is a couple of things first to fix the javax.net.ssl.SSLHandshakeException error you have to remove TLSV1 from the java.security file like harry was explaining above. Then you have to add the activation.jar file to your dependencies and it will work. If this didn't work try to follow these instructions

Solution 2:[2]

As per the logs, the issue at this stage is not related with not the missing certificate on the client side which required for the validation of server identity. In your case, the problem with either protocol or mismatch of ciper suite required in the process of SSL handshake.

No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

As I can see you're using the latest version of java in which the support for older version of TLS protocol such as TLSv1 and TLSv1.1 has been disabled by default, so you can enable them by removing the diabled one from jdk.tls.disabledAlgorithms security property in the java.security configuration file.

jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA,
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL

For older version of Java one can find the security file in JAVA_HOME/jre/lib/security/java.security

For specific to newer version and Java 16

JAVA_HOME/conf/security

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1
Solution 2