B4J Question How to send email via smtp.libero.it ?

[amorosik]

I'm try to send email with smtp.libero.it server with superbasic code
Obviously the username and password are fictitious
B4J 10.0
JNET library 1.81

Dim smtp As SMTP
    smtp.Initialize("smtp.libero.it","587","username@libero.it","password", "SMTP")
 
    Dim destinatari As String = "gigetto@rai.it, mariuccia@tim.it"
    Dim destinatari_array() As String = Regex.Split(",", destinatari.Trim)

    For Each email As String In destinatari_array
        smtp.To.Add(email.Trim)
        Next

    smtp.UseSSL = True
    smtp.StartTLSMode=True
 
    smtp.Sender = "username@libero.it"
    smtp.AuthMethod = smtp.AUTH_LOGIN
    smtp.HtmlBody = True
    smtp.Subject = "Oggetto email inviata"
    smtp.Body = "Corpo dell'email inviata"
 
    Wait For (smtp.Send) SMTP_MessageSent (Success As Boolean)
    If Success Then
        Log("Message sent successfully")
    Else
        Log("Error sending message")
        Log(LastException)
    End If

The following error is always returned on the line "Wait For (smtp.Send) SMTP_MessageSent (Success As Boolean)"

javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:325)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:268)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
    at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:645)
    at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:464)
    at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360)
    at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:445)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:423)
    at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:167)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1462)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1370)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:437)
    at org.apache.commons.net.smtp.AuthenticatingSMTPClient.performSSLNegotiation(AuthenticatingSMTPClient.java:284)
    at org.apache.commons.net.smtp.AuthenticatingSMTPClient.execTLS(AuthenticatingSMTPClient.java:264)
    at anywheresoftware.b4a.net.SMTPWrapper$1.run(SMTPWrapper.java:267)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
    at java.base/java.lang.Thread.run(Thread.java:832)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
    at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
    at java.base/sun.security.validator.Validator.validate(Validator.java:264)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
    at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:629)
    ... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
    at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
    at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
    at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
    ... 23 more

If I try to use the same data to send using Swithmail, sending is correct, and therefore even if the port used is 587 instead of 465 I imagine that the data used is correct
What could the error I receive depend on?

 

[EnriqueGonzalez]

What version of java are you using? it has happened to me with java 11- (8,9,10,11) as those are old and their certificates are too

 

[amorosik]

I try with Jdk-14.0.1 and jdk-19.0.2
Same error

 

[teddybear]

Dim smtp As SMTP
    smtp.Initialize("smtp.libero.it","587","username@libero.it","password", "SMTP")
 
    End If

Try changing port 587 to 465

 

[amorosik]

Try changing port 587 to 465

Port 465
smtp.UseSSL = True
smtp.StartTLSMode=True
Error (after a minute) : java.net.SocketTimeoutException: Read timed out

Port 465
smtp.UseSSL = True
smtp.StartTLSMode=False
Error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I am sure of the parameters because using a script with Swithmail the sending is successful
And even if on the libero.it website port 465 is recommended, in reality the email is sent only using port 587
If you launch the following line:

swithmail.exe /s /from "username@libero.it" /to "gigetto@tiscalit.it" /Server "smtp.libero.it" /Port "587" /SSL true /u "username@libero.it" /pass "password" /sub "In allegato i documenti richiesta" /b "Testo del messaggio" /HTML false /a "test.pdf"

The message is sent successfully

 

[teddybear]

Port 465
smtp.UseSSL = True
smtp.StartTLSMode=True
Error (after a minute) : java.net.SocketTimeoutException: Read timed out

Port 465
smtp.UseSSL = True
smtp.StartTLSMode=False
Error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This is the configuration which smtp.libero.it provided.

SERVER DI POSTA IN USCITA:

• SMTP (con SSL):
  – Server: smtp.libero.it (selezionando la richiesta di autenticazione)
  – Porta: 465 con SSL

 

[amorosik]

This is the configuration which smtp.libero.it provided.

SERVER DI POSTA IN USCITA:

• SMTP (con SSL):
  – Server: smtp.libero.it (selezionando la richiesta di autenticazione)
  – Porta: 465 con SSL

Yes I saw
But it doesn't work like this

 

[Pendrush]

Try to add the root and intermediate certificates to the java cacerts key store.

unable to find a valid certification path to requested target

I am making a post request using a restTemplate and I am getting the following error: unable to find a valid certification path to requested target org.springframework.beans.factory.BeanCreationExc...

stackoverflow.com

 

[teddybear]

Try the library
before smtp 587 do

    Dim AT As AllTrust
    AT.Initialize

 

[amorosik]

Try the library
before smtp 587 do

    Dim AT As AllTrust
    AT.Initialize

....
Dim AT As AllTrust
AT.Initialize
WebView1.LoadUrl("https://www.libero.it")

Dim smtp As SMTP
....


Port 465
smtp.UseSSL = True
smtp.StartTLSMode=False
Error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Port 587
smtp.UseSSL = True
smtp.StartTLSMode=True
Error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Port 587
smtp.UseSSL = False
smtp.StartTLSMode=True
Error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

 

[amorosik]

Try to add the root and intermediate certificates to the java cacerts key store.

unable to find a valid certification path to requested target

I am making a post request using a restTemplate and I am getting the following error: unable to find a valid certification path to requested target org.springframework.beans.factory.BeanCreationExc...

stackoverflow.com

So I tried to follow the recommended instructions
This is the sequence of operations performed:

1- From the libero.it site using Firefox I downloaded the 'catena' certificate and placed it in C:\java\jdk-19.0.2\lib\security giving the name libero-it-catena.pem

2- Then, inside the directory C:\java\jdk-19.0.2\lib\security I created a batch file carica_certificato_libero_it.bat containing this line:
keytool -import -trustcacerts -keystore C:/java/jdk-19.0.2/lib/security/cacerts -alias libero-smtp -file libero-it-catena.pem

3- the command is executed and asks for the password, which if it has not been changed will be changeit

4- the command displays the text of the certificate and asks for confirmation on the data insertion in the keystore, by entering YES the insertion is executed

Now, if I launch the code, using the parameters: port 465, smtp.UseSSL=True, smtp.StartTLSMode=False, this error is returned
javax.net.ssl.SSLException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

The same thing if I use these parameters: port 587, smtp.UseSSL=False, smtp.StartTLSMode=True

A strange thing is that if I download the www.libero.it certificates using Firefox, a .pem file is created containing TWO sequences BEGIN CERTIFICATE/END CERTIFICATE, while if I do the same operation using Chrome, the downloaded .crt file contains THREE sequences, each completely different from those downloaded using Firefox.

 

[aeric]

Try https://www.gmass.co/smtp-test
Other country is blocked from the server.

<< 451 You are not allowed to send from so many countries [smtp-31.iol.local; LIB_700]
>> AUTH LOGIN
ERROR: The SMTP server has unexpectedly disconnected.

 

[amorosik]

Exactly the same thing happens (to me) using smtp2go as a sending server
After creating a new account and inserting emails in the 'Verify Sender' section and verifying them
Using Swithmail I can send (port=587, ssl=True, server=mail.smtp2go.com) while inserting the same values on the B4J code gives me the error reported the other times
This is really strange, perhaps the jNet library code does some checks on the sending server that Swithmail does not perform

Or is there anyone who can send from B4J code using the jNet 1.81 library and mail.smtp2go.com server ???