Well, I'm trying to configure Maven's Checkstyle Plugin on the project I'm currently working on and I'm getting the following:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-checkstyle-plugin:3.0.0:check (verify-style) on project email: Failed during checkstyle execution: Failed during checkstyle configuration: unable to parse configuration stream: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target -> [Help 1]
So, running mvn install -X I've got the following stacktrace:
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
... 52 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 58 more
It seems to be related to the DTD specified on the google-checks.xml I've found on the following link on Github: https://github.com/checkstyle/checkstyle/blob/master/src/main/resources/google_checks.xml:
<?xml version="1.0"?>
<!DOCTYPE module PUBLIC
"-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
"https://checkstyle.org/dtds/configuration_1_3.dtd">
I've tried to add that certificate to my JVM truststore but it doesn't work.
Can anybody figure out what's going wrong?
Thank you in advance.
https://github.com/checkstyle/checkstyle/blob/master/src/main/resources/google_checks.xml
Please use the configuration DTD for your version of Checkstyle that you are using. master is where current development is taking place. As we are changing and adding new things in master, the release versions of Checkstyle may not support it and end up with exceptions.
Here is an example Google XML for release 8.10.1: https://github.com/checkstyle/checkstyle/blob/checkstyle-8.10.1/src/main/resources/google_checks.xml
Related
Connection string
url: jdbc:mariadb://xyz:3306/test?useSSL=true&trustStore=classpath:/path/truststore.jks&trustStorePassword=mypwd&keystoreStore=classpath:/path/keystore.jks&keystoreStorePassword=mypwd
when i connect mairadb with tls/ssl connection getting this error
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
how to connect ssl connection using mariadb in spring boot
Error:
15:35:18 [ERROR] UpdateException: Unable to download meta file: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-modified.meta
15:35:18 [ERROR] caused by DownloadFailedException: Download failed, unable to retrieve 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-modified.meta'; Error downloading file https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-modified.meta; unable to connect.
15:35:18 [ERROR] caused by DownloadFailedException: Error downloading file https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-modified.meta; unable to connect.
15:35:18 [ERROR] caused by SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
15:35:18 [ERROR] caused by ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
15:35:18 [ERROR] caused by SunCertPathBuilderException: unable to find valid certification path to requested target
15:35:18 [ERROR] NoDataException: No documents exist
We have add the dependency checker plugin pom.xml
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>6.0.3</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
<configuration>
<!-- Generate all report formats -->
<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
</configuration>
</plugin>
This error generally means that your JVM cannot create a secure (https) connection to the server nvd.nist.gov because it does not trust the certificate provided by the server. In order to trust the server the public certificate of the server or signing authority must be in the trust store used by the JVM. by default the trust store is in %JAVA_HOME%\lib\security\cacerts, you can list it's contents with the following (windows) keytool -list -keystore "%JAVA_HOME%\lib\security\cacerts" -storepass changeit.
You should see a list of certs, if digicertglobalrootg2 is not listed you need to import it to trust the server as the cert is signed by CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US.
What version of Java are you using? The above cert may not be included in java trust stores prior to 1.8.
After successfully building cas overlay for v5.3.9 with static authentication, after adding the dependency for jdbc the build fails.
The only difference from the basic build is adding the dependency to pom.xml (as per the documentation):
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency>
There is no indication in the documentation that I should need any authorization to access repository contents
Maven build results as follows:
/NetBeansProjects/cas-overlay-template-5.3; JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0_45.jdk/Contents/Home M2_HOME=/opt/apache-maven-3.6.1 /opt/apache-maven-3.6.1/bin/mvn clean install
Scanning for projects...
---------------------< org.apereo.cas:cas-overlay >---------------------
Building cas-overlay 1.0
--------------------------------[ war ]---------------------------------
Downloading from shibboleth-releases: https://build.shibboleth.net/nexus/content/repositories/releases/net/shibboleth/tool/xmlsectool/2.0.0/xmlsectool-2.0.0.pom
Downloading from shib-release: https://build.shibboleth.net/nexus/content/repositories/releases/net/shibboleth/tool/xmlsectool/2.0.0/xmlsectool-2.0.0.pom
Downloading from shib-release: https://build.shibboleth.net/nexus/content/repositories/releases/com/nimbusds/lang-tag/maven-metadata.xml
Downloading from shibboleth-releases: https://build.shibboleth.net/nexus/content/repositories/releases/com/nimbusds/lang-tag/maven-metadata.xml
Could not transfer metadata com.nimbusds:lang-tag/maven-metadata.xml from/to shibboleth-releases (https://build.shibboleth.net/nexus/content/repositories/releases): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Could not transfer metadata com.nimbusds:lang-tag/maven-metadata.xml from/to shib-release (https://build.shibboleth.net/nexus/content/repositories/releases): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
------------------------------------------------------------------------
BUILD FAILURE
------------------------------------------------------------------------
Failed to execute goal on project cas-overlay: Could not resolve dependencies for project org.apereo.cas:cas-overlay:war:1.0: Failed to collect dependencies at org.apereo.cas:cas-server-support-jdbc:jar:5.3.9 -> org.apereo.cas:cas-server-core-authentication-api:jar:5.3.9 -> org.apereo.cas:cas-server-core-api-events:jar:5.3.9 -> org.apereo.cas:cas-server-core-util-api:jar:5.3.9 -> org.pac4j:pac4j-saml:jar:3.6.1 -> net.shibboleth.tool:xmlsectool:jar:2.0.0: Failed to read artifact descriptor for net.shibboleth.tool:xmlsectool:jar:2.0.0: Could not transfer artifact net.shibboleth.tool:xmlsectool:pom:2.0.0 from/to shibboleth-releases (https://build.shibboleth.net/nexus/content/repositories/releases): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target -> [Help 1]
I'm struggling with a problem recently.
I have to make an HTTP call to a secured backend using SPRING restTemplate !
It works smoothly for http endpoint but for an https it gives me the following error:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I have already resolved this issue before importin the certificate to the cacerts in the jre/security of the JDK.
It would be best for me finding a way not to do this thing for every machine i deploy my .war on.
Any clues ?
Thanks in advance
I'm trying to use SQL developer, but it won't connect using the proxy I specify in the preferences. I guess it's because of some kind of certificate error? Not sure. I'm getting the error:
No HTTP response received.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
at oracle.ide.webbrowser.HttpPing$PingRunnable.run(HttpPing.java:109)
at oracle.ide.webbrowser.ProxyOptions.doTask(ProxyOptions.java:522)
at oracle.ide.webbrowser.HttpPing.ping(HttpPing.java:74)
at oracle.ide.webbrowser.ProxySettingsPanel$5.run(ProxySettingsPanel.java:766)
at java.lang.Thread.run(Thread.java:619)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
... 15 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 21 more
This most likely means that the web server you are connecting to by SSL uses a certificate issued by an unknown authority. You want to add the certificate to your keystore (on the client).
See this article for instructions.
I think you don't install jdk yet. I recommand you if you use sql developer 1.5.1, you should use jdk 1.5.
One of the first rules of debugging errors: Google the error message you're getting, in quotes, like this: "unable to find valid certification path to". When I did this, I found lots of useful information that is probably relevant to you.