Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8314509

LuxTrustCA.java fails on machines that cannot reach CA

    XMLWordPrintable

Details

    Description

      Easiest way to reproduce is:
       1. Add "127.0.0.1 crl.luxtrust.lu" to /etc/hosts
       2. Run:

      ```
      $ CONF=macosx-aarch64-server-fastdebug make test TEST=security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java

      TEST RESULT: Failed. Execution failed: `main' threw exception: java.lang.RuntimeException: TEST FAILED: couldn't determine EE certificate status


      java.lang.RuntimeException: TEST FAILED: couldn't determine EE certificate status
      at ValidatePathWithParams.validate(ValidatePathWithParams.java:177)
      at LuxTrustCA.main(LuxTrustCA.java:187)
      at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
      at java.base/java.lang.reflect.Method.invoke(Method.java:580)
      at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
      at java.base/java.lang.Thread.run(Thread.java:1570)
      Caused by: java.security.cert.CertPathValidatorException: Unable to determine revocation status due to network error
      at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
      at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:224)
      at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:144)
      at java.base/sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:83)
      at java.base/java.security.cert.CertPathValidator.validate(CertPathValidator.java:309)
      at ValidatePathWithParams.doCertPathValidate(ValidatePathWithParams.java:288)
      at ValidatePathWithParams.validate(ValidatePathWithParams.java:142)
      ... 5 more
      Caused by: sun.security.provider.certpath.PKIX$CertStoreTypeException: java.net.ConnectException: Connection refused
      at java.base/sun.security.provider.certpath.URICertStore.engineGetCRLs(URICertStore.java:438)
      at java.base/java.security.cert.CertStore.getCRLs(CertStore.java:182)
      at java.base/sun.security.provider.certpath.DistributionPointFetcher.getCRL(DistributionPointFetcher.java:236)
      at java.base/sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:179)
      at java.base/sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:110)
      at java.base/sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:583)
      at java.base/sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:470)
      at java.base/sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:373)
      at java.base/sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:343)
      at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
      ... 11 more
      Caused by: java.net.ConnectException: Connection refused
      at java.base/sun.nio.ch.Net.pollConnect(Native Method)
      at java.base/sun.nio.ch.Net.pollConnectNow(Net.java:682)
      at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:542)
      at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:592)
      at java.base/java.net.Socket.connect(Socket.java:751)
      ```

      Attachments

        Issue Links

          Activity

            People

              rhalade Rajan Halade
              shade Aleksey Shipilev
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: