Hi Thomas,
thanks for your help and pointing out System.setProperty("javax.net.debug",
"all");
I found out that I had two problems:
a) I had the key for that CA added to my Debian system some time ago so the
validation which I expected to fail did not. I just didn't remember. Stupid
me.
b) I used the gnu javamail implementation. This one still does not
complain, even when I remove my CA from the system via "dpkg-reconfigure
ca-certificates" . Now I use the jar from
https://java.net/projects/javamail/pages/Home and everything works as it
should (i.e. I get an error when the CA is removed).
Could you test your example with the gnu javamail? I would be interested if
my CA is still stored in some other keystore used by gnu javamail or if gnu
javamail has a problem.
Thanks
Carl
