[jira] (CXF-9006) TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red Hat OpenJDK on PPC64LE
[ https://issues.apache.org/jira/browse/CXF-9006 ]
Freeman Yue Fang deleted comment on CXF-9006:
---
was (Author: ffang):
Send PR to upgrade the cer files
https://github.com/apache/cxf/pull/1842
> TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red
> Hat OpenJDK on PPC64LE
> -
>
> Key: CXF-9006
> URL: https://issues.apache.org/jira/browse/CXF-9006
> Project: CXF
> Issue Type: Test
>Affects Versions: 4.0.4, 4.1.0
> Environment: Java version: 17.0.6, vendor: Red Hat, Inc., runtime:
> /usr/lib/jvm/java-17-openjdk-17.0.6.0.10-3.el9.ppc64le
> OS name: "linux", version: "5.14.0-378.el9.ppc64le", arch: "ppc64le", family:
> "unix"
>Reporter: Jamie Mark Goodyear
>Priority: Minor
> Attachments: wss40.cer, wss40CA.cer, wss40CACRL.cer, wss40rev.cer
>
>
> {{TrustedAuthorityValidatorCRLTest#testIsCertChainValid}} failing when using
> Red Hat OpenJDK 17. The error revealed when using
> {{-Djava.security.debug=certpath}} is that the JVM can not find a valid
> certification path to the requested target -- note: this unit test works on
> Bellsoft, Temurin, IBM, Corretto, Zulu, on other platforms, and is confirmed
> to work with Semeru/Temurin Java on PPC64LE.
> Given this is restricted to one particular JVM distribution/platform, would
> this be a candidate for a skip test?
> {{sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
> at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> at
> java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
> at
> org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator.isCertificateChainValid(TrustedAuthorityValidator.java:84)}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (CXF-9006) TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red Hat OpenJDK on PPC64LE
[
https://issues.apache.org/jira/browse/CXF-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17842138#comment-17842138
]
Freeman Yue Fang commented on CXF-9006:
---
Send PR to upgrade the cer files
https://github.com/apache/cxf/pull/1842
> TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red
> Hat OpenJDK on PPC64LE
> -
>
> Key: CXF-9006
> URL: https://issues.apache.org/jira/browse/CXF-9006
> Project: CXF
> Issue Type: Test
>Affects Versions: 4.0.4, 4.1.0
> Environment: Java version: 17.0.6, vendor: Red Hat, Inc., runtime:
> /usr/lib/jvm/java-17-openjdk-17.0.6.0.10-3.el9.ppc64le
> OS name: "linux", version: "5.14.0-378.el9.ppc64le", arch: "ppc64le", family:
> "unix"
>Reporter: Jamie Mark Goodyear
>Priority: Minor
> Attachments: wss40.cer, wss40CA.cer, wss40CACRL.cer, wss40rev.cer
>
>
> {{TrustedAuthorityValidatorCRLTest#testIsCertChainValid}} failing when using
> Red Hat OpenJDK 17. The error revealed when using
> {{-Djava.security.debug=certpath}} is that the JVM can not find a valid
> certification path to the requested target -- note: this unit test works on
> Bellsoft, Temurin, IBM, Corretto, Zulu, on other platforms, and is confirmed
> to work with Semeru/Temurin Java on PPC64LE.
> Given this is restricted to one particular JVM distribution/platform, would
> this be a candidate for a skip test?
> {{sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
> at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> at
> java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
> at
> org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator.isCertificateChainValid(TrustedAuthorityValidator.java:84)}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (CXF-9006) TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red Hat OpenJDK on PPC64LE
[
https://issues.apache.org/jira/browse/CXF-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17842127#comment-17842127
]
Jamie Mark Goodyear commented on CXF-9006:
--
Tested on multiple platforms/JVMs.
Seems to be good.
> TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red
> Hat OpenJDK on PPC64LE
> -
>
> Key: CXF-9006
> URL: https://issues.apache.org/jira/browse/CXF-9006
> Project: CXF
> Issue Type: Test
>Affects Versions: 4.0.4, 4.1.0
> Environment: Java version: 17.0.6, vendor: Red Hat, Inc., runtime:
> /usr/lib/jvm/java-17-openjdk-17.0.6.0.10-3.el9.ppc64le
> OS name: "linux", version: "5.14.0-378.el9.ppc64le", arch: "ppc64le", family:
> "unix"
>Reporter: Jamie Mark Goodyear
>Priority: Minor
> Attachments: wss40.cer, wss40CA.cer, wss40CACRL.cer, wss40rev.cer
>
>
> {{TrustedAuthorityValidatorCRLTest#testIsCertChainValid}} failing when using
> Red Hat OpenJDK 17. The error revealed when using
> {{-Djava.security.debug=certpath}} is that the JVM can not find a valid
> certification path to the requested target -- note: this unit test works on
> Bellsoft, Temurin, IBM, Corretto, Zulu, on other platforms, and is confirmed
> to work with Semeru/Temurin Java on PPC64LE.
> Given this is restricted to one particular JVM distribution/platform, would
> this be a candidate for a skip test?
> {{sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
> at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> at
> java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
> at
> org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator.isCertificateChainValid(TrustedAuthorityValidator.java:84)}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (CXF-9006) TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red Hat OpenJDK on PPC64LE
[
https://issues.apache.org/jira/browse/CXF-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17842037#comment-17842037
]
Jamie Mark Goodyear commented on CXF-9006:
--
Thanks [~ffang] ,
Those certificates allowed the tests to pass on Stream 9 OS on POWER.
I'm going to retest the PR branch on a few platform/JVM combos to ensure all is
well.
> TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red
> Hat OpenJDK on PPC64LE
> -
>
> Key: CXF-9006
> URL: https://issues.apache.org/jira/browse/CXF-9006
> Project: CXF
> Issue Type: Test
>Affects Versions: 4.0.4, 4.1.0
> Environment: Java version: 17.0.6, vendor: Red Hat, Inc., runtime:
> /usr/lib/jvm/java-17-openjdk-17.0.6.0.10-3.el9.ppc64le
> OS name: "linux", version: "5.14.0-378.el9.ppc64le", arch: "ppc64le", family:
> "unix"
>Reporter: Jamie Mark Goodyear
>Priority: Minor
> Attachments: wss40.cer, wss40CA.cer, wss40CACRL.cer, wss40rev.cer
>
>
> {{TrustedAuthorityValidatorCRLTest#testIsCertChainValid}} failing when using
> Red Hat OpenJDK 17. The error revealed when using
> {{-Djava.security.debug=certpath}} is that the JVM can not find a valid
> certification path to the requested target -- note: this unit test works on
> Bellsoft, Temurin, IBM, Corretto, Zulu, on other platforms, and is confirmed
> to work with Semeru/Temurin Java on PPC64LE.
> Given this is restricted to one particular JVM distribution/platform, would
> this be a candidate for a skip test?
> {{sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
> at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> at
> java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
> at
> org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator.isCertificateChainValid(TrustedAuthorityValidator.java:84)}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (CXF-9006) TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red Hat OpenJDK on PPC64LE
[
https://issues.apache.org/jira/browse/CXF-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17842022#comment-17842022
]
Freeman Yue Fang commented on CXF-9006:
---
Hi [~jgoodyear],
Could you please copy the cer files I attached here to
services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/
folder to override the old ones and rerun the test against the JDKs you are
testing?
These new cer files are RSA2048 instead the previous DSA1024.
Thanks
Freeman
> TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red
> Hat OpenJDK on PPC64LE
> -
>
> Key: CXF-9006
> URL: https://issues.apache.org/jira/browse/CXF-9006
> Project: CXF
> Issue Type: Test
>Affects Versions: 4.0.4, 4.1.0
> Environment: Java version: 17.0.6, vendor: Red Hat, Inc., runtime:
> /usr/lib/jvm/java-17-openjdk-17.0.6.0.10-3.el9.ppc64le
> OS name: "linux", version: "5.14.0-378.el9.ppc64le", arch: "ppc64le", family:
> "unix"
>Reporter: Jamie Mark Goodyear
>Priority: Minor
> Attachments: wss40.cer, wss40CA.cer, wss40CACRL.cer, wss40rev.cer
>
>
> {{TrustedAuthorityValidatorCRLTest#testIsCertChainValid}} failing when using
> Red Hat OpenJDK 17. The error revealed when using
> {{-Djava.security.debug=certpath}} is that the JVM can not find a valid
> certification path to the requested target -- note: this unit test works on
> Bellsoft, Temurin, IBM, Corretto, Zulu, on other platforms, and is confirmed
> to work with Semeru/Temurin Java on PPC64LE.
> Given this is restricted to one particular JVM distribution/platform, would
> this be a candidate for a skip test?
> {{sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
> at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> at
> java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
> at
> org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator.isCertificateChainValid(TrustedAuthorityValidator.java:84)}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (CXF-9006) TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red Hat OpenJDK on PPC64LE
[
https://issues.apache.org/jira/browse/CXF-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Freeman Yue Fang updated CXF-9006:
--
Attachment: wss40.cer
wss40CA.cer
wss40CACRL.cer
wss40rev.cer
> TrustedAuthorityValidatorCRLTest#testIsCertChainValid fails when using Red
> Hat OpenJDK on PPC64LE
> -
>
> Key: CXF-9006
> URL: https://issues.apache.org/jira/browse/CXF-9006
> Project: CXF
> Issue Type: Test
>Affects Versions: 4.0.4, 4.1.0
> Environment: Java version: 17.0.6, vendor: Red Hat, Inc., runtime:
> /usr/lib/jvm/java-17-openjdk-17.0.6.0.10-3.el9.ppc64le
> OS name: "linux", version: "5.14.0-378.el9.ppc64le", arch: "ppc64le", family:
> "unix"
>Reporter: Jamie Mark Goodyear
>Priority: Minor
> Attachments: wss40.cer, wss40CA.cer, wss40CACRL.cer, wss40rev.cer
>
>
> {{TrustedAuthorityValidatorCRLTest#testIsCertChainValid}} failing when using
> Red Hat OpenJDK 17. The error revealed when using
> {{-Djava.security.debug=certpath}} is that the JVM can not find a valid
> certification path to the requested target -- note: this unit test works on
> Bellsoft, Temurin, IBM, Corretto, Zulu, on other platforms, and is confirmed
> to work with Semeru/Temurin Java on PPC64LE.
> Given this is restricted to one particular JVM distribution/platform, would
> this be a candidate for a skip test?
> {{sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
> at
> java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> at
> java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
> at
> org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator.isCertificateChainValid(TrustedAuthorityValidator.java:84)}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (CXF-9002) JAXRSMultithreadedClientTest test cases failing on IBM JDK.
[
https://issues.apache.org/jira/browse/CXF-9002?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17841905#comment-17841905
]
Jens Kleine-Herzbruch commented on CXF-9002:
[~artnaseef] I believe your comments were aimed at CXF-9006, not this ticket...
> JAXRSMultithreadedClientTest test cases failing on IBM JDK.
> ---
>
> Key: CXF-9002
> URL: https://issues.apache.org/jira/browse/CXF-9002
> Project: CXF
> Issue Type: Test
> Components: JAX-RS
>Affects Versions: 4.0.4
>Reporter: Jamie Mark Goodyear
>Priority: Major
>
> JAXRSMultithreadedClientTest test cases failing on IBM JDK (Semeru 17).
> There is a JAXRS system test failure for {{JAXRSMultithreadedClientTest}}
> test cases:
> JAXRSMultithreadedClientTest.testStatefulWebClientThreadLocalWithCopy
> JAXRSMultithreadedClientTest.testStatefulWebClientWithCopy
> JAXRSMultithreadedClientTest.testThreadSafeProxyWithCopy
> The commonality between these tests are \{{threadSafe }}is set to false,
> which triggers a copy of existing client with WebClient.fromClient.
> The error traces contains the following shape:
> {code:java}
> Exception in thread "pool-12-thread-2" java.lang.AssertionError:
> WebClientWorker thread failed for 10,value10 at
> org.junit.Assert.fail(Assert.java:89) at
> org.apache.cxf.systest.jaxrs.JAXRSMultithreadedClientTest$WebClientWorker.run(JAXRSMultithreadedClientTest.java:208)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
> at java.base/java.lang.Thread.run(Thread.java:857) at
> org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponse(HttpClientHTTPConduit.java:751)
> at
> org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponseCode(HttpClientHTTPConduit.java:760)
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.doProcessResponseCode(HTTPConduit.java:1653)
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1684)
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1626)
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1420)
> ... 19 more Caused by: java.lang.InterruptedException at
> java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:386)
> at
> java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2096)
> at
> org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponse(HttpClientHTTPConduit.java:731)
> ... 24 more Exception in thread "pool-12-thread-4" java.lang.AssertionError:
> WebClientWorker thread failed for 8,value8 at
> org.junit.Assert.fail(Assert.java:89) at
> org.apache.cxf.systest.jaxrs.JAXRSMultithreadedClientTest$WebClientWorker.run(JAXRSMultithreadedClientTest.java:208)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
> at java.base/java.lang.Thread.run(Thread.java:857) {code}
> When this suite is run on Hotspot based JVMs, the test cases pass.This is
> reproducible by changing directory to systests/jaxrs, then executing:
> `
> {{mvn clean install -Dtest=JAXRSMultithreadedClientTest}}
> {{`}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
