https://bz.apache.org/bugzilla/show_bug.cgi?id=60394
--- Comment #1 from Michael Osipov <1983-01...@gmx.net> --- Running 'ant test' on 8.5.x trunk with > java version "1.7.0_80" > Java(TM) SE Runtime Environment (build 1.7.0_80-b15) > Java HotSpot(TM) 64-Bit Server VM (build 24.80-b11, mixed mode) fails sometimes due to: > downloadzip: > [get] Getting: > http://downloads.sourceforge.net/easymock/easymock-3.2.zip > [get] To: C:\Users\mosipov\tomcat-build-libs\download-1532555207.zip > [get] http://downloads.sourceforge.net/easymock/easymock-3.2.zip > permanently moved to > http://downloads.sourceforge.net/project/easymock/EasyMock/3.2/easymock-3.2.zip > [get] > http://downloads.sourceforge.net/project/easymock/EasyMock/3.2/easymock-3.2.zip > moved to > https://freefr.dl.sourceforge.net/project/easymock/EasyMock/3.2/easymock-3.2.zip > [get] Error getting > http://downloads.sourceforge.net/easymock/easymock-3.2.zip to > C:\Users\mosipov\tomcat-build-libs\download-1532555207.zip > > BUILD FAILED > D:\Entwicklung\Projekte\tomcat-8.5.x\build.xml:2630: The following error > occurred while executing this line: > D:\Entwicklung\Projekte\tomcat-8.5.x\build.xml:2746: > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) > at > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446) > at > sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913) > at sun.security.ssl.Handshaker.process_record(Handshaker.java:849) > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) > at > sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) > at > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) > at > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) > at > org.apache.tools.ant.taskdefs.Get$GetThread.openConnection(Get.java:728) > at > org.apache.tools.ant.taskdefs.Get$GetThread.openConnection(Get.java:748) > at > org.apache.tools.ant.taskdefs.Get$GetThread.openConnection(Get.java:748) > at org.apache.tools.ant.taskdefs.Get$GetThread.get(Get.java:641) > at org.apache.tools.ant.taskdefs.Get$GetThread.run(Get.java:631) > Caused by: sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) > at sun.security.validator.Validator.validate(Validator.java:260) > at > sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) > at > sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) > at > sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) > at > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428) > ... 15 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) > at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) > ... 21 more > This happens for all artifacts downloaded from the assigned SF.net mirror. The issue is: > $ curl -I --verbose > https://freefr.dl.sourceforge.net/project/cglib/cglib2/2.2.3/cglib-nodep-2.2.3.jar > > * Connected to freefr.dl.sourceforge.net (88.191.250.136) port 443 (#0) > ... > * TLSv1.2 (IN), TLS handshake, Finished (20): > { [16 bytes data] > * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 > * ALPN, server accepted to use http/1.1 > * Server certificate: > * subject: CN=freefr.dl.sourceforge.net > * start date: Oct 31 19:27:00 2016 GMT > * expire date: Jan 29 19:27:00 2017 GMT > * subjectAltName: host "freefr.dl.sourceforge.net" matched cert's > "freefr.dl.sourceforge.net" > * issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3 > * SSL certificate verify ok. > } [5 bytes data] > This CA is not available in the last public Java 7 release by Oracle. Only paid releases where updated: https://bugs.openjdk.java.net/browse/JDK-8154757 The alternative is to solely rely on Maven Central which works with Java 7 too. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
