-
Bug
-
Resolution: Fixed
-
P3
-
8u60, 9
-
b70
-
x86_64
-
windows_7
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8135379 | emb-9 | Kirill Kirichenko | P3 | Resolved | Fixed | team |
JDK-8087244 | 8u65 | Kirill Kirichenko | P3 | Resolved | Fixed | b01 |
JDK-8081326 | 8u60 | Kirill Kirichenko | P3 | Resolved | Fixed | b19 |
JDK-8137481 | emb-8u65 | Unassigned | P3 | Resolved | Fixed | b01 |
JDK-8086130 | emb-8u60 | Kirill Kirichenko | P3 | Resolved | Fixed | b19 |
JDK-8177665 | 7u171 | Dmitry Markov | P3 | Resolved | Fixed | master |
FULL PRODUCT VERSION :
java version "1.8.0_60-ea"
Java(TM) SE Runtime Environment (build 1.8.0_60-ea-b05)
Java HotSpot(TM) 32-Bit Server VM (build 25.60-b05, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
EXTRA RELEVANT SYSTEM CONFIGURATION :
Certificates used by the Webserver
-----BEGIN CERTIFICATE-----
MIISIjCCEQqgAwIBAgIKGE5vtgAAAAAFQTANBgkqhkiG9w0BAQUFADBMMRMwEQYK
CZImiZPyLGQBGRYDcmRiMRswGQYKCZImiZPyLGQBGRYLdW5pdGVkcHJpbnQxGDAW
BgNVBAMTD3VuaXRlZHByaW50LXJkYjAeFw0xNDA2MDIxNTQwNTBaFw0xNjA2MDIx
NTUwNTBaMH4xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZTYXhvbnkxETAPBgNVBAcT
CFJhZGViZXVsMRswGQYDVQQKExJ1bml0ZWRwcmludC5jb20gU0UxLjAsBgNVBAMM
JSoudW5pdGVkcHJpbnQuY29tLmRlbG8ucHJpbnQyNHRlc3QuZGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+NHZo9z6cGOnNGvrhzhUj0gqczklP294m
OvsoDaWtJrKQ0UC5vP5FTotzuCdzBRBzs2vXieCZTj+JEWBvKd2cWCVz4ebM6v1C
0tLZD/OgZGaiafRiYEO8Yb6aubV14Ej7b+wzk9n0sayj/8l0iQE9bsTckpnUQHaV
g3mor1sM9Bw99TP1SyVn8EbWIuJ/W0vDX0Sc9hkDE5wrlrb+WN8OneF4fNfTuUse
MZHJ5oHhtNJGu1pIz28K1XIZ/Bdd+XdDbKpai1XgfWRKPoVP0CLgnfoxauV9h9Yr
37uGpBQs27uFGFdW+yKbAxbIpEN3ZLdxHIcB3Wf0db0OQPgEXihtAgMBAAGjgg7S
MIIOzjAOBgNVHQ8BAf8EBAMCBaAwggwlBgNVHREEggwcMIIMGIIlKi51bml0ZWRw
cmludC5jb20uZGVsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20u
bGlsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ub25sby5wcmlu
dDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ucmVsby5wcmludDI0dGVzdC5k
ZYIiKi5nZXRwcmludC5jb20uZGVsby5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmlu
dC5jb20ubGlsby5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ub25sby5w
cmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ucmVsby5wcmludDI0dGVzdC5k
ZYIjKi5wcmludHdoYXQuY29tLmRlbG8ucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3
aGF0LmNvbS5saWxvLnByaW50MjR0ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ub25s
by5wcmludDI0dGVzdC5kZYIjKi5wcmludHdoYXQuY29tLnJlbG8ucHJpbnQyNHRl
c3QuZGWCJCouZmlyc3RwcmludC5jb20uZGVsby5wcmludDI0dGVzdC5kZYIkKi5m
aXJzdHByaW50LmNvbS5saWxvLnByaW50MjR0ZXN0LmRlgiQqLmZpcnN0cHJpbnQu
Y29tLm9ubG8ucHJpbnQyNHRlc3QuZGWCJCouZmlyc3RwcmludC5jb20ucmVsby5w
cmludDI0dGVzdC5kZYImKi5lYXN5cHJpbnRpbmcuY29tLmRlbG8ucHJpbnQyNHRl
c3QuZGWCJiouZWFzeXByaW50aW5nLmNvbS5saWxvLnByaW50MjR0ZXN0LmRlgiYq
LmVhc3lwcmludGluZy5jb20ub25sby5wcmludDI0dGVzdC5kZYImKi5lYXN5cHJp
bnRpbmcuY29tLnJlbG8ucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNvbS5k
ZWxvLnByaW50MjR0ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ubGlsby5wcmludDI0
dGVzdC5kZYIjKi5wcmludHdoYXQuY29tLm9ubG8ucHJpbnQyNHRlc3QuZGWCIyou
cHJpbnR3aGF0LmNvbS5yZWxvLnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQuY29t
LmRlbG8ucHJpbnQyNHRlc3QuZGWCISoucHJpbnQyNC5jb20ubGlsby5wcmludDI0
dGVzdC5kZYIhKi5wcmludDI0LmNvbS5vbmxvLnByaW50MjR0ZXN0LmRlgiEqLnBy
aW50MjQuY29tLnJlbG8ucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRi
LmRlbG8ucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLmxpbG8ucHJp
bnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLm9ubG8ucHJpbnQyNHRlc3Qu
ZGWCJSoudW5pdGVkcHJpbnQucmRiLnJlbG8ucHJpbnQyNHRlc3QuZGWCISoucHJp
bnQyNC5uZXQuZGVsby5wcmludDI0dGVzdC5kZYIhKi5wcmludDI0Lm5ldC5saWxv
LnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQubmV0Lm9ubG8ucHJpbnQyNHRlc3Qu
ZGWCISoucHJpbnQyNC5uZXQucmVsby5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5j
b20uZGVsby5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ubGlsby5wcmludDI0
dGVzdC5kZYIfcHJpbnQyNC5jb20ub25sby5wcmludDI0dGVzdC5kZYIfcHJpbnQy
NC5jb20ucmVsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20uZGV0
cy5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ubGl0cy5wcmludDI0
dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ub250cy5wcmludDI0dGVzdC5kZYIl
Ki51bml0ZWRwcmludC5jb20ucmV0cy5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmlu
dC5jb20uZGV0cy5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ubGl0cy5w
cmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ub250cy5wcmludDI0dGVzdC5k
ZYIiKi5nZXRwcmludC5jb20ucmV0cy5wcmludDI0dGVzdC5kZYIjKi5wcmludHdo
YXQuY29tLmRldHMucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNvbS5saXRz
LnByaW50MjR0ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ub250cy5wcmludDI0dGVz
dC5kZYIjKi5wcmludHdoYXQuY29tLnJldHMucHJpbnQyNHRlc3QuZGWCJCouZmly
c3RwcmludC5jb20uZGV0cy5wcmludDI0dGVzdC5kZYIkKi5maXJzdHByaW50LmNv
bS5saXRzLnByaW50MjR0ZXN0LmRlgiQqLmZpcnN0cHJpbnQuY29tLm9udHMucHJp
bnQyNHRlc3QuZGWCJCouZmlyc3RwcmludC5jb20ucmV0cy5wcmludDI0dGVzdC5k
ZYImKi5lYXN5cHJpbnRpbmcuY29tLmRldHMucHJpbnQyNHRlc3QuZGWCJiouZWFz
eXByaW50aW5nLmNvbS5saXRzLnByaW50MjR0ZXN0LmRlgiYqLmVhc3lwcmludGlu
Zy5jb20ub250cy5wcmludDI0dGVzdC5kZYImKi5lYXN5cHJpbnRpbmcuY29tLnJl
dHMucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNvbS5kZXRzLnByaW50MjR0
ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ubGl0cy5wcmludDI0dGVzdC5kZYIjKi5w
cmludHdoYXQuY29tLm9udHMucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNv
bS5yZXRzLnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQuY29tLmRldHMucHJpbnQy
NHRlc3QuZGWCISoucHJpbnQyNC5jb20ubGl0cy5wcmludDI0dGVzdC5kZYIhKi5w
cmludDI0LmNvbS5vbnRzLnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQuY29tLnJl
dHMucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLmRldHMucHJpbnQy
NHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLmxpdHMucHJpbnQyNHRlc3QuZGWC
JSoudW5pdGVkcHJpbnQucmRiLm9udHMucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVk
cHJpbnQucmRiLnJldHMucHJpbnQyNHRlc3QuZGWCISoucHJpbnQyNC5uZXQuZGV0
cy5wcmludDI0dGVzdC5kZYIhKi5wcmludDI0Lm5ldC5saXRzLnByaW50MjR0ZXN0
LmRlgiEqLnByaW50MjQubmV0Lm9udHMucHJpbnQyNHRlc3QuZGWCISoucHJpbnQy
NC5uZXQucmV0cy5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20uZGV0cy5wcmlu
dDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ubGl0cy5wcmludDI0dGVzdC5kZYIfcHJp
bnQyNC5jb20ub250cy5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ucmV0cy5w
cmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ubGZsby5wcmludDI0dGVzdC5kZYIf
cHJpbnQyNC5jb20ubGZ0cy5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5j
b20ubGZsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ubGZ0cy5w
cmludDI0dGVzdC5kZTAdBgNVHQ4EFgQUFhVDOa3/sycqssHAAa+b+f1GCA0wHwYD
VR0jBBgwFoAUTZg9lxR5VIIdZnhDTECXBK8zdWMwgdIGA1UdHwSByjCBxzCBxKCB
waCBvoaBu2xkYXA6Ly8vQ049dW5pdGVkcHJpbnQtcmRiLENOPVJEQlNDMDAxLENO
PUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1D
b25maWd1cmF0aW9uLERDPXVuaXRlZHByaW50LERDPXJkYj9jZXJ0aWZpY2F0ZVJl
dm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9p
bnQwgcUGCCsGAQUFBwEBBIG4MIG1MIGyBggrBgEFBQcwAoaBpWxkYXA6Ly8vQ049
dW5pdGVkcHJpbnQtcmRiLENOPUFJQSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNl
cyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXVuaXRlZHByaW50LERD
PXJkYj9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv
bkF1dGhvcml0eTA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiC57BNgY7zeIfF
lSiCzLcMh72JXoEdhfC/KobxoTwCAWUCAQAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw
GwYJKwYBBAGCNxUKBA4wDDAKBggrBgEFBQcDATBEBgkqhkiG9w0BCQ8ENzA1MA4G
CCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcN
AwcwDQYJKoZIhvcNAQEFBQADggEBAA/NUfmva5bJeyfw4EhwjNBmoG1eRfhAC7FV
GOQBMcf2K9pqiRtC+QUfzWp4pKA/IZVMwG04wyKwbmJAf6jsb9vrSKqKdgj2skhe
GSX1Ydj4Hi9hlKT9J5gtkw0Ov+rqiHNVXOurODi/V9Wanja6BoFWpxxwm6bG0w2G
qzDtDBRriPudeU/mDtq7jEQTSlfMGEe8JNg4SpVJdaji1OaJ+liojKvujuKDmsHJ
CaOg6kA4n5Xsq7HwAJO9wn+tXuxjLFU7QuuMyDY+93gb1MQ0IS/cuEkhO4P2jU6S
CjAPF748FFceBbQTcbCBRjkZTw3sMMebWwSFscpb8x9x9MXw270=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQTNqhG0ybB4VJVXjW/2TOzzANBgkqhkiG9w0BAQUFADBM
MRMwEQYKCZImiZPyLGQBGRYDcmRiMRswGQYKCZImiZPyLGQBGRYLdW5pdGVkcHJp
bnQxGDAWBgNVBAMTD3VuaXRlZHByaW50LXJkYjAeFw0xMjEyMTEwODIzMjhaFw0y
MjEyMTEwODMzMjZaMEwxEzARBgoJkiaJk/IsZAEZFgNyZGIxGzAZBgoJkiaJk/Is
ZAEZFgt1bml0ZWRwcmludDEYMBYGA1UEAxMPdW5pdGVkcHJpbnQtcmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Y8qapmYsOLKNouKTjs4mZTj/q7
rIr1n1QOa57lV3NcppsXoVrhD9n/ghzv50IJG3gFrs4IHJYMK3OhRHGf+Jm/y8Yb
Z9cTo9o3aQa4wfQL3LPKI3Rzdw4sFQ2d60xBFvwvTLdzzbBZXXzBdDVrygHgE4PJ
VLhcOzYfzvjrrBuQJts3YSJ7f7Wi7EhZcGgDlpeS4YjS2TwAeIVx1r1rnfI3rwh8
riNwE+8gD3MAmn7vZotOgWt0cN6u6dPcTw7cNWr+1wUEmUQpgj2Pt7RLd6gh5td1
M1+0Rl0bCBx9rhnYzO3selsn1A8uKNF7KxunQEAoaEwzdk2RgF3MnvsWVwIDAQAB
o2kwZzATBgkrBgEEAYI3FAIEBh4EAEMAQTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0T
AQH/BAUwAwEB/zAdBgNVHQ4EFgQUTZg9lxR5VIIdZnhDTECXBK8zdWMwEAYJKwYB
BAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBACN+euJI9sVBdEBHgm+3VSNb
zBMuCaBQp2LqoJeY5vuvo9YyhnLdK5FiDoJaTV3N/3mhC0fgIVWo87KNe0QTwuYA
uOJzWegbGiO06ZQaGFZaDrc8Pi4oLDLTlzLModDP6heDCLX234Retnbgss2zadr+
aErcVF8FhI7Ja691Nji8S7W1j+Gmt/GAHLyTVe18+jE0DtrHPBv77JJG5WYugKKU
Mgvf1XcNSY0y9DAcdjr3nljPCrjPmrZK2Q5Ak8Y6+xCkhSTXb0o17j0KYFDp9Qwq
oiV45c63Hy7dzHlwyUXeJuPwiKuWBYaV+HdFlFDMk3tU3kwIXmwmwQLjonSm18Q=
-----END CERTIFICATE-----
A DESCRIPTION OF THE PROBLEM :
Accessing our internal url https://print24.com.dets.print24test.de/de/ from an Webstart application with
new URL("https://print24.com.dets.print24test.de").openConnection().getInputStream();
fails with java.lang.StringIndexOutOfBoundsException: String index out of range: -5 in com.sun.deploy.security.CertUtils.checkWildcardDomain.
See log output below. The same code works with java 8u40.
REGRESSION. Last worked in version 8u40
ERROR MESSAGES/STACK TRACES THAT OCCUR :
network: Verbindung von https://print24.com.dets.print24test.de/de/cgi-bin/up_portals.cgi?module=catalogue&availabilityTypeId=3&options=product%7E1635&portalName=easyprint&countryCode=DE&languageCode=de&shippingDestinationChoice=1 mit Proxy=DIRECT wird hergestellt
network: Verbindung von http://print24.com.dets.print24test.de:443/ mit Proxy=DIRECT wird hergestellt
security: SSL-Root-CA-Zertifikate werden aus C:\Program Files (x86)\Java\jre1.8.0_60\lib\security\cacerts geladen
security: SSL-Root-CA-Zertifikate aus C:\Program Files (x86)\Java\jre1.8.0_60\lib\security\cacerts geladen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikate werden aus Deployment-Session-Zertifikatspeicher geladen
security: Zertifikate wurden aus Deployment-Session-Zertifikatspeicher geladen
security: SHA-256Certificate finger print: A8C15FB30FD20D6CAD5D7409951EEA211131E27540712EFD956B4EB8A59075DE
security: SSL-Zertifikat wird im permanenten Deployment-Zertifikatspeicher gesucht
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikate werden aus Deployment-Session-Zertifikatspeicher geladen
security: Zertifikate wurden aus Deployment-Session-Zertifikatspeicher geladen
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Verbindung von http://localhost:389/ mit Proxy=DIRECT wird hergestellt
security: Revocation Status Unknown
com.sun.deploy.security.RevocationChecker$StatusUnknownException: Certificate does not specify OCSP responder
at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.checkRevocationStatus(Unknown Source)
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogue(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogueByProductOptionId(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
... 38 more
java.lang.StringIndexOutOfBoundsException: String index out of range: -5
at java.lang.String.substring(Unknown Source)
at com.sun.deploy.security.CertUtils.checkWildcardDomain(Unknown Source)
at com.sun.deploy.security.CertUtils.checkWildcardDomainList(Unknown Source)
at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogue(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogueByProductOptionId(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Java couldn't trust Server
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogue(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogueByProductOptionId(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateException: Java couldn't trust Server
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
... 31 more
REPRODUCIBILITY :
This bug can be reproduced always.
java version "1.8.0_60-ea"
Java(TM) SE Runtime Environment (build 1.8.0_60-ea-b05)
Java HotSpot(TM) 32-Bit Server VM (build 25.60-b05, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
EXTRA RELEVANT SYSTEM CONFIGURATION :
Certificates used by the Webserver
-----BEGIN CERTIFICATE-----
MIISIjCCEQqgAwIBAgIKGE5vtgAAAAAFQTANBgkqhkiG9w0BAQUFADBMMRMwEQYK
CZImiZPyLGQBGRYDcmRiMRswGQYKCZImiZPyLGQBGRYLdW5pdGVkcHJpbnQxGDAW
BgNVBAMTD3VuaXRlZHByaW50LXJkYjAeFw0xNDA2MDIxNTQwNTBaFw0xNjA2MDIx
NTUwNTBaMH4xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZTYXhvbnkxETAPBgNVBAcT
CFJhZGViZXVsMRswGQYDVQQKExJ1bml0ZWRwcmludC5jb20gU0UxLjAsBgNVBAMM
JSoudW5pdGVkcHJpbnQuY29tLmRlbG8ucHJpbnQyNHRlc3QuZGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+NHZo9z6cGOnNGvrhzhUj0gqczklP294m
OvsoDaWtJrKQ0UC5vP5FTotzuCdzBRBzs2vXieCZTj+JEWBvKd2cWCVz4ebM6v1C
0tLZD/OgZGaiafRiYEO8Yb6aubV14Ej7b+wzk9n0sayj/8l0iQE9bsTckpnUQHaV
g3mor1sM9Bw99TP1SyVn8EbWIuJ/W0vDX0Sc9hkDE5wrlrb+WN8OneF4fNfTuUse
MZHJ5oHhtNJGu1pIz28K1XIZ/Bdd+XdDbKpai1XgfWRKPoVP0CLgnfoxauV9h9Yr
37uGpBQs27uFGFdW+yKbAxbIpEN3ZLdxHIcB3Wf0db0OQPgEXihtAgMBAAGjgg7S
MIIOzjAOBgNVHQ8BAf8EBAMCBaAwggwlBgNVHREEggwcMIIMGIIlKi51bml0ZWRw
cmludC5jb20uZGVsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20u
bGlsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ub25sby5wcmlu
dDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ucmVsby5wcmludDI0dGVzdC5k
ZYIiKi5nZXRwcmludC5jb20uZGVsby5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmlu
dC5jb20ubGlsby5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ub25sby5w
cmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ucmVsby5wcmludDI0dGVzdC5k
ZYIjKi5wcmludHdoYXQuY29tLmRlbG8ucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3
aGF0LmNvbS5saWxvLnByaW50MjR0ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ub25s
by5wcmludDI0dGVzdC5kZYIjKi5wcmludHdoYXQuY29tLnJlbG8ucHJpbnQyNHRl
c3QuZGWCJCouZmlyc3RwcmludC5jb20uZGVsby5wcmludDI0dGVzdC5kZYIkKi5m
aXJzdHByaW50LmNvbS5saWxvLnByaW50MjR0ZXN0LmRlgiQqLmZpcnN0cHJpbnQu
Y29tLm9ubG8ucHJpbnQyNHRlc3QuZGWCJCouZmlyc3RwcmludC5jb20ucmVsby5w
cmludDI0dGVzdC5kZYImKi5lYXN5cHJpbnRpbmcuY29tLmRlbG8ucHJpbnQyNHRl
c3QuZGWCJiouZWFzeXByaW50aW5nLmNvbS5saWxvLnByaW50MjR0ZXN0LmRlgiYq
LmVhc3lwcmludGluZy5jb20ub25sby5wcmludDI0dGVzdC5kZYImKi5lYXN5cHJp
bnRpbmcuY29tLnJlbG8ucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNvbS5k
ZWxvLnByaW50MjR0ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ubGlsby5wcmludDI0
dGVzdC5kZYIjKi5wcmludHdoYXQuY29tLm9ubG8ucHJpbnQyNHRlc3QuZGWCIyou
cHJpbnR3aGF0LmNvbS5yZWxvLnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQuY29t
LmRlbG8ucHJpbnQyNHRlc3QuZGWCISoucHJpbnQyNC5jb20ubGlsby5wcmludDI0
dGVzdC5kZYIhKi5wcmludDI0LmNvbS5vbmxvLnByaW50MjR0ZXN0LmRlgiEqLnBy
aW50MjQuY29tLnJlbG8ucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRi
LmRlbG8ucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLmxpbG8ucHJp
bnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLm9ubG8ucHJpbnQyNHRlc3Qu
ZGWCJSoudW5pdGVkcHJpbnQucmRiLnJlbG8ucHJpbnQyNHRlc3QuZGWCISoucHJp
bnQyNC5uZXQuZGVsby5wcmludDI0dGVzdC5kZYIhKi5wcmludDI0Lm5ldC5saWxv
LnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQubmV0Lm9ubG8ucHJpbnQyNHRlc3Qu
ZGWCISoucHJpbnQyNC5uZXQucmVsby5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5j
b20uZGVsby5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ubGlsby5wcmludDI0
dGVzdC5kZYIfcHJpbnQyNC5jb20ub25sby5wcmludDI0dGVzdC5kZYIfcHJpbnQy
NC5jb20ucmVsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20uZGV0
cy5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ubGl0cy5wcmludDI0
dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ub250cy5wcmludDI0dGVzdC5kZYIl
Ki51bml0ZWRwcmludC5jb20ucmV0cy5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmlu
dC5jb20uZGV0cy5wcmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ubGl0cy5w
cmludDI0dGVzdC5kZYIiKi5nZXRwcmludC5jb20ub250cy5wcmludDI0dGVzdC5k
ZYIiKi5nZXRwcmludC5jb20ucmV0cy5wcmludDI0dGVzdC5kZYIjKi5wcmludHdo
YXQuY29tLmRldHMucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNvbS5saXRz
LnByaW50MjR0ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ub250cy5wcmludDI0dGVz
dC5kZYIjKi5wcmludHdoYXQuY29tLnJldHMucHJpbnQyNHRlc3QuZGWCJCouZmly
c3RwcmludC5jb20uZGV0cy5wcmludDI0dGVzdC5kZYIkKi5maXJzdHByaW50LmNv
bS5saXRzLnByaW50MjR0ZXN0LmRlgiQqLmZpcnN0cHJpbnQuY29tLm9udHMucHJp
bnQyNHRlc3QuZGWCJCouZmlyc3RwcmludC5jb20ucmV0cy5wcmludDI0dGVzdC5k
ZYImKi5lYXN5cHJpbnRpbmcuY29tLmRldHMucHJpbnQyNHRlc3QuZGWCJiouZWFz
eXByaW50aW5nLmNvbS5saXRzLnByaW50MjR0ZXN0LmRlgiYqLmVhc3lwcmludGlu
Zy5jb20ub250cy5wcmludDI0dGVzdC5kZYImKi5lYXN5cHJpbnRpbmcuY29tLnJl
dHMucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNvbS5kZXRzLnByaW50MjR0
ZXN0LmRlgiMqLnByaW50d2hhdC5jb20ubGl0cy5wcmludDI0dGVzdC5kZYIjKi5w
cmludHdoYXQuY29tLm9udHMucHJpbnQyNHRlc3QuZGWCIyoucHJpbnR3aGF0LmNv
bS5yZXRzLnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQuY29tLmRldHMucHJpbnQy
NHRlc3QuZGWCISoucHJpbnQyNC5jb20ubGl0cy5wcmludDI0dGVzdC5kZYIhKi5w
cmludDI0LmNvbS5vbnRzLnByaW50MjR0ZXN0LmRlgiEqLnByaW50MjQuY29tLnJl
dHMucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLmRldHMucHJpbnQy
NHRlc3QuZGWCJSoudW5pdGVkcHJpbnQucmRiLmxpdHMucHJpbnQyNHRlc3QuZGWC
JSoudW5pdGVkcHJpbnQucmRiLm9udHMucHJpbnQyNHRlc3QuZGWCJSoudW5pdGVk
cHJpbnQucmRiLnJldHMucHJpbnQyNHRlc3QuZGWCISoucHJpbnQyNC5uZXQuZGV0
cy5wcmludDI0dGVzdC5kZYIhKi5wcmludDI0Lm5ldC5saXRzLnByaW50MjR0ZXN0
LmRlgiEqLnByaW50MjQubmV0Lm9udHMucHJpbnQyNHRlc3QuZGWCISoucHJpbnQy
NC5uZXQucmV0cy5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20uZGV0cy5wcmlu
dDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ubGl0cy5wcmludDI0dGVzdC5kZYIfcHJp
bnQyNC5jb20ub250cy5wcmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ucmV0cy5w
cmludDI0dGVzdC5kZYIfcHJpbnQyNC5jb20ubGZsby5wcmludDI0dGVzdC5kZYIf
cHJpbnQyNC5jb20ubGZ0cy5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5j
b20ubGZsby5wcmludDI0dGVzdC5kZYIlKi51bml0ZWRwcmludC5jb20ubGZ0cy5w
cmludDI0dGVzdC5kZTAdBgNVHQ4EFgQUFhVDOa3/sycqssHAAa+b+f1GCA0wHwYD
VR0jBBgwFoAUTZg9lxR5VIIdZnhDTECXBK8zdWMwgdIGA1UdHwSByjCBxzCBxKCB
waCBvoaBu2xkYXA6Ly8vQ049dW5pdGVkcHJpbnQtcmRiLENOPVJEQlNDMDAxLENO
PUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1D
b25maWd1cmF0aW9uLERDPXVuaXRlZHByaW50LERDPXJkYj9jZXJ0aWZpY2F0ZVJl
dm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9p
bnQwgcUGCCsGAQUFBwEBBIG4MIG1MIGyBggrBgEFBQcwAoaBpWxkYXA6Ly8vQ049
dW5pdGVkcHJpbnQtcmRiLENOPUFJQSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNl
cyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXVuaXRlZHByaW50LERD
PXJkYj9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlv
bkF1dGhvcml0eTA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiC57BNgY7zeIfF
lSiCzLcMh72JXoEdhfC/KobxoTwCAWUCAQAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw
GwYJKwYBBAGCNxUKBA4wDDAKBggrBgEFBQcDATBEBgkqhkiG9w0BCQ8ENzA1MA4G
CCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcN
AwcwDQYJKoZIhvcNAQEFBQADggEBAA/NUfmva5bJeyfw4EhwjNBmoG1eRfhAC7FV
GOQBMcf2K9pqiRtC+QUfzWp4pKA/IZVMwG04wyKwbmJAf6jsb9vrSKqKdgj2skhe
GSX1Ydj4Hi9hlKT9J5gtkw0Ov+rqiHNVXOurODi/V9Wanja6BoFWpxxwm6bG0w2G
qzDtDBRriPudeU/mDtq7jEQTSlfMGEe8JNg4SpVJdaji1OaJ+liojKvujuKDmsHJ
CaOg6kA4n5Xsq7HwAJO9wn+tXuxjLFU7QuuMyDY+93gb1MQ0IS/cuEkhO4P2jU6S
CjAPF748FFceBbQTcbCBRjkZTw3sMMebWwSFscpb8x9x9MXw270=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQTNqhG0ybB4VJVXjW/2TOzzANBgkqhkiG9w0BAQUFADBM
MRMwEQYKCZImiZPyLGQBGRYDcmRiMRswGQYKCZImiZPyLGQBGRYLdW5pdGVkcHJp
bnQxGDAWBgNVBAMTD3VuaXRlZHByaW50LXJkYjAeFw0xMjEyMTEwODIzMjhaFw0y
MjEyMTEwODMzMjZaMEwxEzARBgoJkiaJk/IsZAEZFgNyZGIxGzAZBgoJkiaJk/Is
ZAEZFgt1bml0ZWRwcmludDEYMBYGA1UEAxMPdW5pdGVkcHJpbnQtcmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Y8qapmYsOLKNouKTjs4mZTj/q7
rIr1n1QOa57lV3NcppsXoVrhD9n/ghzv50IJG3gFrs4IHJYMK3OhRHGf+Jm/y8Yb
Z9cTo9o3aQa4wfQL3LPKI3Rzdw4sFQ2d60xBFvwvTLdzzbBZXXzBdDVrygHgE4PJ
VLhcOzYfzvjrrBuQJts3YSJ7f7Wi7EhZcGgDlpeS4YjS2TwAeIVx1r1rnfI3rwh8
riNwE+8gD3MAmn7vZotOgWt0cN6u6dPcTw7cNWr+1wUEmUQpgj2Pt7RLd6gh5td1
M1+0Rl0bCBx9rhnYzO3selsn1A8uKNF7KxunQEAoaEwzdk2RgF3MnvsWVwIDAQAB
o2kwZzATBgkrBgEEAYI3FAIEBh4EAEMAQTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0T
AQH/BAUwAwEB/zAdBgNVHQ4EFgQUTZg9lxR5VIIdZnhDTECXBK8zdWMwEAYJKwYB
BAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBACN+euJI9sVBdEBHgm+3VSNb
zBMuCaBQp2LqoJeY5vuvo9YyhnLdK5FiDoJaTV3N/3mhC0fgIVWo87KNe0QTwuYA
uOJzWegbGiO06ZQaGFZaDrc8Pi4oLDLTlzLModDP6heDCLX234Retnbgss2zadr+
aErcVF8FhI7Ja691Nji8S7W1j+Gmt/GAHLyTVe18+jE0DtrHPBv77JJG5WYugKKU
Mgvf1XcNSY0y9DAcdjr3nljPCrjPmrZK2Q5Ak8Y6+xCkhSTXb0o17j0KYFDp9Qwq
oiV45c63Hy7dzHlwyUXeJuPwiKuWBYaV+HdFlFDMk3tU3kwIXmwmwQLjonSm18Q=
-----END CERTIFICATE-----
A DESCRIPTION OF THE PROBLEM :
Accessing our internal url https://print24.com.dets.print24test.de/de/ from an Webstart application with
new URL("https://print24.com.dets.print24test.de").openConnection().getInputStream();
fails with java.lang.StringIndexOutOfBoundsException: String index out of range: -5 in com.sun.deploy.security.CertUtils.checkWildcardDomain.
See log output below. The same code works with java 8u40.
REGRESSION. Last worked in version 8u40
ERROR MESSAGES/STACK TRACES THAT OCCUR :
network: Verbindung von https://print24.com.dets.print24test.de/de/cgi-bin/up_portals.cgi?module=catalogue&availabilityTypeId=3&options=product%7E1635&portalName=easyprint&countryCode=DE&languageCode=de&shippingDestinationChoice=1 mit Proxy=DIRECT wird hergestellt
network: Verbindung von http://print24.com.dets.print24test.de:443/ mit Proxy=DIRECT wird hergestellt
security: SSL-Root-CA-Zertifikate werden aus C:\Program Files (x86)\Java\jre1.8.0_60\lib\security\cacerts geladen
security: SSL-Root-CA-Zertifikate aus C:\Program Files (x86)\Java\jre1.8.0_60\lib\security\cacerts geladen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikate werden aus Deployment-Session-Zertifikatspeicher geladen
security: Zertifikate wurden aus Deployment-Session-Zertifikatspeicher geladen
security: SHA-256Certificate finger print: A8C15FB30FD20D6CAD5D7409951EEA211131E27540712EFD956B4EB8A59075DE
security: SSL-Zertifikat wird im permanenten Deployment-Zertifikatspeicher gesucht
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikatsammlung aus SSL-Root-CA-Zertifikatspeicher abrufen
security: Zertifikate werden aus Deployment-Session-Zertifikatspeicher geladen
security: Zertifikate wurden aus Deployment-Session-Zertifikatspeicher geladen
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Verbindung von http://localhost:389/ mit Proxy=DIRECT wird hergestellt
security: Revocation Status Unknown
com.sun.deploy.security.RevocationChecker$StatusUnknownException: Certificate does not specify OCSP responder
at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.checkRevocationStatus(Unknown Source)
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogue(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogueByProductOptionId(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
... 38 more
java.lang.StringIndexOutOfBoundsException: String index out of range: -5
at java.lang.String.substring(Unknown Source)
at com.sun.deploy.security.CertUtils.checkWildcardDomain(Unknown Source)
at com.sun.deploy.security.CertUtils.checkWildcardDomainList(Unknown Source)
at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogue(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogueByProductOptionId(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Java couldn't trust Server
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogue(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.doReadCatalogueData(SourceFile)
at com.infowerk.fx.unitedprint.catalogue.CatalogueService.readCatalogueByProductOptionId(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at com.infowerk.fx.unitedprint.ctrl.UnitedPrintMainPresenter$3.call(SourceFile)
at javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateException: Java couldn't trust Server
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
... 31 more
REPRODUCIBILITY :
This bug can be reproduced always.
- backported by
-
JDK-8081326 StringIndexOutOfBoundsException in CertUtils.checkWildcardDomain
-
- Resolved
-
-
JDK-8086130 StringIndexOutOfBoundsException in CertUtils.checkWildcardDomain
-
- Resolved
-
-
JDK-8087244 StringIndexOutOfBoundsException in CertUtils.checkWildcardDomain
-
- Resolved
-
-
JDK-8135379 StringIndexOutOfBoundsException in CertUtils.checkWildcardDomain
-
- Resolved
-
-
JDK-8137481 StringIndexOutOfBoundsException in CertUtils.checkWildcardDomain
-
- Resolved
-
-
JDK-8177665 StringIndexOutOfBoundsException in CertUtils.checkWildcardDomain
-
- Resolved
-
(1 backported by)