polygene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Merlin <p...@nosphere.org>
Subject Re: 2.1 distributions pre-release build & review, take two
Date Fri, 24 Jul 2015 07:33:00 GMT
Hey Niclas,

Niclas Hedhman a écrit :
> I built 'develop' according to your instructions on Mac OSX and that worked
> fine.
>
> I unzipped the source output artifact and built on Mac OSX and that worked
> fine.
>
> I copied the source output artifact to a very blank server of mine, and the
> problem shown below happened. It is obviously a Gradle issue, perhaps even
> a Java installation problem. But we should be prepared if someone is
> raising this.
>
>
> niclas@node1:~/temp/apache-zest-java-2.1-RC0-src$ ./gradlew
> -Dversion=2.1-RC0 assemble -x signArchives
> Downloading https://services.gradle.org/distributions/gradle-2.5-all.zip
>
> Exception in thread "main" java.lang.RuntimeException:
> javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
Wow.

I just ran SSL-Labs on services.gradle.org and this is not pretty but
may be mandatory to support 'legacy' clients:
https://www.ssllabs.com/ssltest/analyze.html?d=services.gradle.org

BUT, it could also be a client JVM setup issue like missing/unreadable
truststore etc..

Could you try again, with -Djavax.net.debug=ssl:handshake enabled so we
can track it down?

/Paul


>     at
> org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:78)
>     at org.gradle.wrapper.Install.createDist(Install.java:44)
>     at org.gradle.wrapper.WrapperExecutor.execute(WrapperExecutor.java:126)
>     at org.gradle.wrapper.GradleWrapperMain.main(GradleWrapperMain.java:55)
> Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
> Unexpected error: java.security.InvalidAlgorithmParameterException: the
> trustAnchors parameter must be non-empty
>     at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>     at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
>     at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1894)
>     at
> sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1877)
>     at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1398)
>     at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
>     at
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
>     at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
>     at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
>     at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
>     at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
>     at org.gradle.wrapper.Download.downloadInternal(Download.java:56)
>     at org.gradle.wrapper.Download.download(Download.java:42)
>     at org.gradle.wrapper.Install$1.call(Install.java:57)
>     at org.gradle.wrapper.Install$1.call(Install.java:44)
>     at
> org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:65)
>     ... 3 more
> Caused by: java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
>     at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:90)
>     at sun.security.validator.Validator.getInstance(Validator.java:179)
>     at
> sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:312)
>     at
> sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:171)
>     at
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:184)
>     at
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
>     at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
>     at
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
>     at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
>     at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
>     at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
>     at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
>     at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
>     ... 14 more
> Caused by: java.security.InvalidAlgorithmParameterException: the
> trustAnchors parameter must be non-empty
>     at
> java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
>     at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
>     at
> java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
>     at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:88)
>     ... 26 more
> niclas@node1:~/temp/apache-zest-java-2.1-RC0-src$ java -version
> openjdk version "1.8.0_45-internal"
> OpenJDK Runtime Environment (build 1.8.0_45-internal-b14)
> OpenJDK 64-Bit Server VM (build 25.45-b02, mixed mode)
> niclas@node1:~/temp/apache-zest-java-2.1-RC0-src$ uname -a
> Linux node1 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24)
> x86_64 GNU/Linux
>
>
> On Thu, Jul 23, 2015 at 7:51 PM, Paul Merlin <paul@nosphere.org> wrote:
>
>> Gang,
>>
>> I think we are almost ready to cut a first Apache release.
>>
>> Before going down the Apache release way, I'd like to get some
>> preliminary review of the Apache Zest distributions. We won't do this
>> for future releases but I think it's worthwile doing it before the first
>> one.
>>
>> So, please checkout the `develop` branch and:
>>
>> ./gradlew -Dversion=2.1-RC0 assemble -x signArchives
>>
>> Then check the Source and Binary Distributions in build/distributions/
>>
>> Passing a non-0 and non-SNAPSHOT version to the build is mandatory so
>> that ReleaseSpecification is applied to the distributions and to the
>> generated manual.
>>
>> Please use a recent JDK 7 and note that you'll need a valid Asciidoc
>> installation to build the manual. If you want to skip this last step,
>> add `-PskipAsciidocIfAbsent=true` to the build command line. The manual
>> will then be missing from the Binary Distribution.
>>
>> Here are some checks to do:
>> - inclusion of releasable modules only
>> - licensing issues (see http://www.apache.org/dev/licensing-howto.html)
>> - build from the source distribution, see README
>> - manual in the binary distribution
>> - goOffline helpers in the binary distribution
>> - use jars from the binary distribution
>>
>> Thanks in advance for your feedback!
>>
>> Cheers
>>
>> /Paul

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message