[jira] [Commented] (WAGON-452) Missing exception handling when maven.wagon.http.ssl.ignore.validity.dates flag is set to 'true'

ASF GitHub Bot (JIRA) Sat, 30 Dec 2017 05:04:17 -0800

    [ 
https://issues.apache.org/jira/browse/WAGON-452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16306748#comment-16306748
 ]


ASF GitHub Bot commented on WAGON-452:
--------------------------------------

Github user jan-z commented on the issue:

    https://github.com/apache/maven-wagon/pull/36
  
    I can confirm this patch fixes the problem. Please merge.


> Missing exception handling when maven.wagon.http.ssl.ignore.validity.dates 
> flag is set to 'true'
> ------------------------------------------------------------------------------------------------
>
>                 Key: WAGON-452
>                 URL: https://issues.apache.org/jira/browse/WAGON-452
>             Project: Maven Wagon
>          Issue Type: Bug
>          Components: wagon-http
>    Affects Versions: 2.10
>            Reporter: Vítor Teixeira
>              Labels: easyfix, maven, security
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> On org.apache.maven.wagon.providers.http.RelaxedTrustStrategy exception 
> handling is missing.
> With maven.wagon.http.ssl.ignore.validity.dates=true the following exception 
> is thrown:
> sun.security.validator.ValidatorException: PKIX path validation failed: 
> java.security.cert.CertPathValidatorException: timestamp check failed: 
> NotAfter: Tue Dec 29 23:59:59 GMT 2015 -> [Help 1]



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (WAGON-452) Missing exception handling when maven.wagon.http.ssl.ignore.validity.dates flag is set to 'true'

Reply via email to