I'm working on a java mail client (part of a web application running in tomcat 8)
and the web application needs to be able to send (not recieve) mails.
My web application allows to be configured in a few different ways and I cannot test them all at the moment.
Im using the standard java mail api (https://javamail.java.net/nonav/docs/api/com/sun/mail/smtp/package-summary.html)
At the moment I do have an exchange account and my application is working with STARTTLS & Auth. Mechanisms LOGIN & PLAIN to send mails.
The thing I cannot test is SSL (instead of STARTTLS) and NTLM as the Auth. Mechanism. The exchange server is not my own and I cannot have it configured to be working with these settings.
Does anyone know a way to set up a local mail server so I can test a configuration using SSL & NTLM?
Edit:
I tried hMailServer to test at least the SSL setting but I came across the following problem:
IMAP/SMTP over SSL (using my own SSL cert) is working fine untill I uncheck TLS v1, v1.2 & v1.2 in Settings -> Advanced -> SSL/TLS.
The hMailServer Logfile shows that the connection upon sending mails (using thunderbird with 2 accounts added) is always using TLS.
I would want the connection to run on SSL v3.0 (I know its not the best option but I want to give my application the option to use SSL instead of TLS anyways)
How can I get the connection to be using SSL v3.0?
You can try installing hMailServer in Windows.
https://www.hmailserver.com or you can try setting SMTP in windows8.
http://www.neatcomponents.com/enable-SMTP-in-Windows-8
Related
I wrote a simple app to send email to our smtp server. Java version is 1.8.0_101
Our server use only TLSv1.2. I wrote a simple app to send email to our server. I build this soft as jar and run it. It works normally and java use default tls version which is 1.2 on jdk1.8. Then I wrote a web service that accept request and send email to out smtp server. I use tomcat v9.0(also tested v7 and v8) I build war file and put the tomcat web app folder. But when I call my web service I got the below error
Could not convert socket to TLS.
Remote host closed connection during handshake
Then I realized that java does not use TLSv1.2 and use TLSv1. I tried lots of solution but no ones helped me. I could not change TLS version. Is there any way to change TLS version? Do I change this config on java side or tomcat?
I have the following scenario:
Web application (currently running in Eclipse)
Apache httpd proxy
5 backend servers (tomcat) all listening on HTTPS
I have valid certificates for all backend servers and also have the cert chain imported in the keystore. Can anyone explain to me or give me a sample config for the proxy? I am getting different errors when trying to establish trust between the proxy and backend servers like (downstream server wanted client certificate but none are configured).
I am writing a browser plugin for a webpage which runs over HTTPS. My backend is in Java, so creating a websocket between javascript and java. But the websocket is giving following error.
WebSocket connection to 'wss://127.0.0.1:8080/' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR
Can someone tell how to remove this error?
In order to use SSL in development machine create auto-signed SSL key a certificate for '127.0.0.1' and put a web server locally with HTTPS support, like Nginx, in front of your Java app, or if you are using a Java based web server look for HTTPS configuration (and WebSockets support as well). This way you'll be able to tests secure transport.
I'm developing a simple web services using Java EE Servlets.
My clients are a simple java apps (no browsers), so I need to secure my communication using TLS (or SSL v3). About Application server, I'm using Glassfish v3.
For example, I need to transfer some data from client to server within a HTTP Post Request into a secure connection.
There are some external libraries, server configurations or tutorial that can I use?
On the server side you must somehow expose your servlets via HTTPS. If you are using tomcat, check out SSL Configuration HOW-TO. If you have an Apache web server in front, see: Apache SSL/TLS Encryption.
On the client side ssl and https support is built into JDK, just call any https://... address using URLConnection. However remember that the certificate your server uses must be trusted - either confirmed by some authority or added manually on the client. Self-signed certificates by default won't be accepted.
I'm using Apache Axis 1.5.1 to code a web service client connecting to a service over SSL. My application is running in Tomcat with SSL configuration setup in JKS. However, when I connect to the server, the connection is failing because the cert from our client is not being sent to the server. Is this something that has to be set in the client through code? Also note that the server does not need any user name or password authentication. With SSL turned off, everything works fine.
Thanks,
Two common approaches here:
http://ws.apache.org/xmlrpc/ssl.html
WebLogic has its own stuff:
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/security/SSL_client.html#wp1029670
As long as you have the certificates configured correctly in your trust store accessible to Tomcat, there are no changes to Apache Axis HTTP code.