자바메일 트러블 팁

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
… 19 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
… 25 more

증명서에 문제가 없는데 위와 같은 에러가 발생하는 경우는 중간증명서가 없어서이다.
중간증명서를 Java에 추가한다.

# keytool -alias rapidssl -importcert -file /etc/httpd/conf.d/ssl/rapidSSL.crt -trustcacerts -storepass changeit -keystore /usr/java/jdk1.6.0_33/jre/lib/security/cacerts

다음으로 아래와 같은 에러가 발생했을 경우이다.

javax.mail.SendFailedException: Invalid Addresses;
nested exception is:
com.sun.mail.smtp.SMTPAddressFailedException: 554 5.7.1 : Client host rejected: Access denied

at com.sun.mail.smtp.SMTPTransport.rcptTo(SMTPTransport.java:1196)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:584)
at jp.pe.jojh.utils.ddos.mail.Mail.send(Mail.java:57)
at jp.pe.jojh.utils.ddos.DDoSBlocker.main(DDoSBlocker.java:550)
Caused by: com.sun.mail.smtp.SMTPAddressFailedException: 554 5.7.1 : Client host rejected: Access denied

at com.sun.mail.smtp.SMTPTransport.rcptTo(SMTPTransport.java:1094)
… 3 more

메일서버에 아래와 같은 로그가 나왔을것이다.

Sep 8 14:11:29 mail postfix/smtpd[32493]: NOQUEUE: reject: RCPT from xxx.ne.jp[49.212.xxx.xxx]: 554 5.7.1 : Client host rejected: Access denied; from= to= proto=ESMTP helo=

스팸메일 대책으로 submission port 와 smtp-auth 를 설정했기 때문에 받는 사람 또는 보내는 서버가 메일서버 본인이 아닌 이상 인증이 필요하다.

This entry was posted in Java. Bookmark the permalink.