The following tests are failing in my environment even with the JCE extensions.
/* Test7: If no chain is given, the certificate should be self signed.
Else, uploadShould Fail */
runUploadSslCertNoChain();
/* Test8: Chain is given but does not have root certificate */
runUploadSslCertNoRootCert();
/* Test9: The chain given is not the correct chain for the certificate
*/
runUploadSslCertBadChain();
/* Test12: Given a certificate signed by a CA and a valid CA chain,
upload should succeed */
runUploadSslCertWithCAChain();
On 12-Nov-2013, at 11:35 AM, Koushik Das <koushik....@citrix.com> wrote:
> I see the JCE extensions in jdk 1.7 as well. They are present under
> <java_home>/jre/lib/security. But still I see a test failure. Is there any
> other configuration that is required?
>
> Running org.apache.cloudstack.network.lb.CertServiceTest
> Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 1.456 sec <<<
> FAILURE!
>
> -Koushik
>
> On 12-Nov-2013, at 11:19 AM, Prasanna Santhanam <t...@apache.org>
> wrote:
>
>> My MacOSX 1.6 jdk seems to have the crypto extensions jce builtin and
>> the build+test works. JDK 1.7 install does not have them though.
>>
>> The JCE kit seems to carry a BCL which is not ASF friendly [1]. But
>> this being part of the Java install and not the project it should be
>> okay IMO if we note it in our wiki on building the project.
>>
>> As for legal aspects - I found this which might be of some relevance.
>> http://markmail.org/message/evtkc656gewrkruf
>>
>> [1] http://www.apache.org/legal/3party.html#transition-examples
>>
>> On Mon, Nov 11, 2013 at 10:45:12PM +0100, Laszlo Hornyak wrote:
>>> Hi,
>>>
>>> That is a good question, I do not know for sure, but this package needs to
>>> be signed by oracle, it is not redistributable and has teritorial import
>>> restrictions, so it could be problematic :-( I hope it is not. Guys, can
>>> someone help us here?
>>>
>>>
>>> On Mon, Nov 11, 2013 at 10:21 PM, Syed Ahmed <sah...@cloudops.com> wrote:
>>>
>>>> Hi Laszlo,
>>>>
>>>> The CertService uses BouncyCastle for certificate parsing and validation.
>>>> The JCE extension provides the API for using BouncyCastle as the provider.
>>>> So, JCE is required. I know that BouncyCastle is added in CS. Would it be
>>>> possible to add JCE as a dependency too?
>>>>
>>>> Thanks,
>>>> -Syed
>>>>
>>>>
>>>> On 13-11-10 09:55 AM, Laszlo Hornyak wrote:
>>>>
>>>>> Hi Sahmed and list,
>>>>>
>>>>> I ran into some failing tests this weekend related to the patch
>>>>> 0076307863e9155273d9e4c14282de429388c9e9 apparently jenkins fails for
>>>>> the same reason. I did a short investigation and it turned out that in
>>>>> order to run the tests correctly, one has to download the sun jce policy
>>>>> files and put it in the jdk replacing the original policies.
>>>>>
>>>>> Questions:
>>>>> - Is there a more convenient deployment process? :-) It would be very
>>>>> useful for the jenkins environment as well.
>>>>> - I gave it a try and patched the oracle jdk 1.7 with the same plugin, it
>>>>> did not work. Do you know a way to make it work again with jdk 1.7?
>>>>>
>>>>> Thank you,
>>>>> Laszlo
>>>>>
>>>>> --
>>>>>
>>>>> EOF
>>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>>
>>> EOF
>>
>> --
>> Prasanna.,
>>
>> ------------------------
>> Powered by BigRock.com
>>
>
