Upgrade to greenmail 2.1.1 #490
Description
Something changed between greenmail 2.0.1 and 2.1.1 related to how the SMTP/IMAPS certificates are handled. Per greenmail-mail-test/greenmail#163, I changed how the Greenmail server and the IMAPS client connection were created. However, the client fails because the self-signed certificate doesn't have a subject alternate name present for localhost.
javax.net.ssl.SSLHandshakeException: No subject alternative names present
at org.eclipse.angus.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:734)
at jakarta.mail.Service.connect(Service.java:342)
at edu.pdx.cs.joy.grader.GreenmailIntegrationTestCase.connectToIMAPServer(GreenmailIntegrationTestCase.java:94)
at edu.pdx.cs.joy.grader.SendAndReceiveMultipartWithGreenmailIT.fetchAttachmentsFromUnreadMessagesInFolder(SendAndReceiveMultipartWithGreenmailIT.java:44)
at edu.pdx.cs.joy.grader.SendAndReceiveMultipartWithGreenmailIT.sendAndFetchMailMessageWithMultipleAttachments(SendAndReceiveMultipartWithGreenmailIT.java:40)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative names present
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:371)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1500)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1415)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421)
at org.eclipse.angus.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:662)
at org.eclipse.angus.mail.util.SocketFetcher.createSocket(SocketFetcher.java:409)
at org.eclipse.angus.mail.util.SocketFetcher.getSocket(SocketFetcher.java:243)
at org.eclipse.angus.mail.iap.Protocol.<init>(Protocol.java:117)
at org.eclipse.angus.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:132)
at org.eclipse.angus.mail.imap.IMAPStore.newIMAPProtocol(IMAPStore.java:755)
at org.eclipse.angus.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:690)
... 7 more
Caused by: java.security.cert.CertificateException: No subject alternative names present
at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:456)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:426)
at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:1475)
at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
I spent a while trying to debug it, but I couldn't figure out how to 1) enable a subject alternate name or 2) disable this checking.
I need to investigate this more at a later time.
See https://github.com/JoyOfCodingPDX/JoyOfCoding/tree/issue-490/upgrade-greenmail-to-2.1.1