Hi,
I have configured James mail server with TLS by uncommenting <useTLS> tags
in smtpserver & pop3server blocks and configuring the socket manager as
below
<sockets>
<server-sockets>
<factory name="plain"
class="org.apache.avalon.cornerstone.blocks.sockets.DefaultServerSocketFactory"/>
<factory name="ssl"
class="org.apache.avalon.cornerstone.blocks.sockets.TLSServerSocketFactory">
<ssl-factory>
<keystore>
<file>conf/thotap.jks</file>
<password>changeit</password>
<key-password>changeit</key-password>
<type>JKS</type>
<protocol>TLS</protocol>
<algorithm>SunX509</algorithm>
<authenticate-client>false</authenticate-client>
</keystore>
</ssl-factory>
</factory>
</server-sockets>
<client-sockets>
<factory name="plain"
class="org.apache.avalon.cornerstone.blocks.sockets.DefaultSocketFactory"/>
</client-sockets>
</sockets>
It looks like it has started without any issues. But when I try to create
mail store using mail store, it is throwing the exception
"java.net.SocketException: Software caused connection abort: recv failed".
Here is the protocol trace
DEBUG: setDebug: JavaMail version 1.4.3
DEBUG: getProvider() returning
javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Sun
Microsystems, Inc]
DEBUG POP3: connecting to host "inenthotapl1c", port 995, isSSL true
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Java\jdk1.6.0_18\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=inenthotapl1c
Issuer: CN=inenthotapl1c
Algorithm: RSA; Serial number: 0x4d0b797f
Valid from Fri Dec 17 20:23:51 IST 2010 until Thu Mar 17 20:23:51 IST 2011
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 23:40:42 IST 1999 until Tue Jul 09 23:49:22 IST 2019
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Algorithm: RSA; Serial number: 0x4000000000121585308a2
Valid from Wed Mar 18 15:30:00 IST 2009 until Sun Mar 18 15:30:00 IST 2029
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3,
OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust
Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3,
OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust
Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Fri Oct 01 05:30:00 IST 1999 until Thu Jul 17 05:29:59 IST 2036
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America
Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America
Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 11:30:00 IST 2002 until Fri Nov 20 02:13:00 IST 2037
adding as trusted cert:
Subject: OU=Security Communication RootCA2, O="SECOM Trust Systems
CO.,LTD.", C=JP
Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems
CO.,LTD.", C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Fri May 29 10:30:39 IST 2009 until Tue May 29 10:30:39 IST 2029
adding as trusted cert:
Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte,
L=Durbanville, ST=Western Cape, C=ZA
Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte,
L=Durbanville, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Wed Jan 01 05:30:00 IST 1997 until Fri Jan 01 05:29:59 IST 2021
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999
Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999
Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863b966
Valid from Fri Dec 24 23:20:51 IST 1999 until Tue Dec 24 23:50:51 IST 2019
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.",
O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.",
O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 20:20:00 IST 1998 until Thu Aug 15 05:29:00 IST 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Sat Jul 10 00:01:20 IST 1999 until Wed Jul 10 00:10:36 IST 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Fri Jun 25 00:27:21 IST 1999 until Tue Jun 25 00:36:30 IST 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 12:59:40 IST 2001 until Tue Apr 06 12:59:40 IST 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA,
O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA,
O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 20:08:43 IST 2006 until Thu Jan 01 04:29:59 IST 2026
trigger seeding of SecureRandom
done seeding SecureRandom
main, setSoTimeout(30000) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1292535513 bytes = { 80, 149, 82, 71, 48, 28, 7, 48, 62,
89, 98, 107, 69, 243, 218, 66, 242, 252, 246, 151, 251, 224, 111, 128, 151,
108, 212, 216 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, READ: TLSv1 Handshake, length = 510
*** ServerHello, TLSv1
RandomCookie: GMT: 1292535513 bytes = { 172, 115, 215, 117, 107, 95, 2,
232, 211, 91, 109, 40, 21, 150, 192, 39, 130, 119, 132, 205, 20, 146, 28,
221, 171, 237, 250, 42 }
Session ID: {77, 11, 135, 217, 148, 28, 74, 88, 12, 70, 50, 90, 153, 42,
152, 221, 27, 209, 17, 18, 196, 27, 159, 161, 126, 179, 202, 179, 121, 143,
103, 159}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: CN=inenthotapl1c
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus:
100746153626772380323303648658870070106863391015695246025204815976287595495907058283516121160001124559621739363730729057670951189969880962173035638241125927007904648572639604211500921898265691580498056772247017875596545782618773771012080708411850537554023805618091783458960955941721838725823477579438664531497
public exponent: 65537
Validity: [From: Fri Dec 17 20:23:51 IST 2010,
To: Thu Mar 17 20:23:51 IST 2011]
Issuer: CN=inenthotapl1c
SerialNumber: [ 4d0b797f]
]
Algorithm: [MD5withRSA]
Signature:
0000: 7F A1 66 C4 A3 15 AB D7 A0 50 A6 FF DB 00 1A 1E ..f......P......
0010: BC B5 49 2C 7C 1A 42 24 27 E0 84 95 6C 39 6D FE ..I,..B$'...l9m.
0020: 87 B5 10 63 BA ED 87 95 B5 D5 0D 69 BE F8 63 E6 ...c.......i..c.
0030: 5E 72 78 AA 39 87 5B EC 74 03 7B 3E DA 8C F3 14 ^rx.9.[.t..>....
0040: A7 2E 25 72 7A ED 06 DF A9 D4 CC 54 A0 AC 52 C5 ..%rz......T..R.
0050: B9 09 04 1E 64 1A E0 E6 98 31 E8 15 23 88 77 FD ....d....1..#.w.
0060: 27 85 B9 38 94 E0 4B DD 97 FE B8 54 7D C4 71 E3 '..8..K....T..q.
0070: 97 F7 04 C3 6E 69 48 CE 9D 03 52 34 C9 E9 40 68 ....nih...r...@h
]
***
Found trusted certificate:
[
[
Version: V1
Subject: CN=inenthotapl1c
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus:
100746153626772380323303648658870070106863391015695246025204815976287595495907058283516121160001124559621739363730729057670951189969880962173035638241125927007904648572639604211500921898265691580498056772247017875596545782618773771012080708411850537554023805618091783458960955941721838725823477579438664531497
public exponent: 65537
Validity: [From: Fri Dec 17 20:23:51 IST 2010,
To: Thu Mar 17 20:23:51 IST 2011]
Issuer: CN=inenthotapl1c
SerialNumber: [ 4d0b797f]
]
Algorithm: [MD5withRSA]
Signature:
0000: 7F A1 66 C4 A3 15 AB D7 A0 50 A6 FF DB 00 1A 1E ..f......P......
0010: BC B5 49 2C 7C 1A 42 24 27 E0 84 95 6C 39 6D FE ..I,..B$'...l9m.
0020: 87 B5 10 63 BA ED 87 95 B5 D5 0D 69 BE F8 63 E6 ...c.......i..c.
0030: 5E 72 78 AA 39 87 5B EC 74 03 7B 3E DA 8C F3 14 ^rx.9.[.t..>....
0040: A7 2E 25 72 7A ED 06 DF A9 D4 CC 54 A0 AC 52 C5 ..%rz......T..R.
0050: B9 09 04 1E 64 1A E0 E6 98 31 E8 15 23 88 77 FD ....d....1..#.w.
0060: 27 85 B9 38 94 E0 4B DD 97 FE B8 54 7D C4 71 E3 '..8..K....T..q.
0070: 97 F7 04 C3 6E 69 48 CE 9D 03 52 34 C9 E9 40 68 ....nih...r...@h
]
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 2A CF 2C 62 D8 65 FB 77 4E 91 02 6B EA 22 ..*.,b.e.wN..k."
0010: 02 CB 4C 71 29 17 52 77 80 4F 53 4A 1B 6C 1C 20 ..Lq).Rw.OSJ.l.
0020: 07 52 0E C4 D3 FB 7E 23 C2 34 BC ED 8A 34 9D BB .R.....#.4...4..
CONNECTION KEYGEN:
Client Nonce:
0000: 4D 0B 87 D9 50 95 52 47 30 1C 07 30 3E 59 62 6B M...P.RG0..0>Ybk
0010: 45 F3 DA 42 F2 FC F6 97 FB E0 6F 80 97 6C D4 D8 E..B......o..l..
Server Nonce:
0000: 4D 0B 87 D9 AC 73 D7 75 6B 5F 02 E8 D3 5B 6D 28 M....s.uk_...[m(
0010: 15 96 C0 27 82 77 84 CD 14 92 1C DD AB ED FA 2A ...'.w.........*
Master Secret:
0000: 62 BC 9F BB ED C9 58 E2 E3 18 EE 06 E6 0F 97 4F b.....X........O
0010: 59 72 B0 0C 13 EE CD 93 BF 22 A8 C9 BE 94 C5 BB Yr......."......
0020: A9 5B BC 14 6B 9A 92 4F 60 83 2C B4 5D 34 8C 7A .[..k..O`.,.]4.z
Client MAC write Secret:
0000: E1 B0 A3 D9 56 B9 05 59 DF AC 59 FE D5 E9 2B 4B ....V..Y..Y...+K
Server MAC write Secret:
0000: 1D E6 10 7E 7E 65 20 F0 9C AF 95 87 A1 FE 9A 43 .....e ........C
Client write key:
0000: 60 3E EB 94 C9 05 22 19 1F B3 A7 97 2C 2F E5 52 `>....".....,/.R
Server write key:
0000: A6 B9 9A C6 E7 10 76 63 AD 51 AD 0C 19 3F F5 4A ......vc.Q...?.J
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 171, 150, 237, 61, 115, 89, 84, 195, 40, 197, 113, 109 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, handling exception: java.net.SocketException: Software caused
connection abort: recv failed
javax.mail.MessagingException: Connect failed;
nested exception is:
java.net.SocketException: Software caused connection abort: recv failed
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:176)
at javax.mail.Service.connect(Service.java:291)
at
com.prasad.mail.utils.EmailReaderUtils.createEmailStore(EmailReaderUtils.java:88)
at
com.prasad.mail.utils.EmailReaderUtilsTest.testCreateEmailStore(EmailReaderUtilsTest.java:36)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.junit.internal.runners.TestMethod.invoke(TestMethod.java:59)
at
org.junit.internal.runners.MethodRoadie.runTestMethod(MethodRoadie.java:98)
at org.junit.internal.runners.MethodRoadie$2.run(MethodRoadie.java:79)
at
org.junit.internal.runners.MethodRoadie.runBeforesThenTestThenAfters(MethodRoadie.java:87)
at org.junit.internal.runners.MethodRoadie.runTest(MethodRoadie.java:77)
at org.junit.internal.runners.MethodRoadie.run(MethodRoadie.java:42)
at
org.junit.internal.runners.JUnit4ClassRunner.invokeTestMethod(JUnit4ClassRunner.java:88)
at
org.junit.internal.runners.JUnit4ClassRunner.runMethods(JUnit4ClassRunner.java:51)
at
org.junit.internal.runners.JUnit4ClassRunner$1.run(JUnit4ClassRunner.java:44)
at
org.junit.internal.runners.ClassRoadie.runUnprotected(ClassRoadie.java:27)
at org.junit.internal.runners.ClassRoadie.runProtected(ClassRoadie.java:37)
at
org.junit.internal.runners.JUnit4ClassRunner.run(JUnit4ClassRunner.java:42)
at
com.intellij.rt.junit4.Junit4TestMethodAdapter.run(Junit4TestMethodAdapter.java:49)
at junit.textui.TestRunner.doRun(TestRunner.java:116)
at
com.intellij.rt.execution.junit.IdeaTestRunner.doRun(IdeaTestRunner.java:65)
at junit.textui.TestRunner.doRun(TestRunner.java:109)
at
com.intellij.rt.execution.junit.IdeaTestRunner.startRunnerWithArgs(IdeaTestRunner.java:24)
at
com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:118)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:40)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:90)
Caused by: java.net.SocketException: Software caused connection abort: recv
failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:129)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:331)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at
com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:503)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:234)
at com.sun.mail.pop3.Protocol.<init>(Protocol.java:98)
at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java:227)
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:172)
... 31 more
And also I am not able to configure in OutLook also as it is not able to
connect to the server.
Any pointers to trace out the issue or resolution is greatly appreciated.
Thanks,
Prasad
