-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 5/6/15 9:01 AM, Mark Thomas wrote: > On 06/05/2015 13:52, Christopher Schultz wrote: >> Mark, >> >> On 5/6/15 8:03 AM, Mark Thomas wrote: >>> On 06/05/2015 10:43, Arjit Gupta wrote: >>>> Hello Tomcat Community, >>>> >>>> I am building tomcat 7.0.59 with java7 on HP-UX(OS) >>>> itanium(IA64) processor. After building it successful I am >>>> running *ant test*. Which is failing due to exception which >>>> is as below: >>>> >>>> Testcase: testSimpleSsl took 4.085 sec Caused an ERROR >>>> sun.security.validator.ValidatorException: PKIX path >>>> validation failed: >>>> java.security.cert.CertPathValidatorException: timestamp >>>> check failed javax.net.ssl.SSLHandshakeException: >> >>> <snip/> >> >>>> I have manually tested the ssl functionality on Tomcat by >>>> enabling it from server.xml .It is working fine. Please >>>> suggest the plausible cause of the above exception. >> >>> The test certificates used in the unit tests have expired. >> >>>> Is the this exception is coming due to some problem in build >>>> or some configuration issue in OS? >> >>> No. >> >> Is there any reason not to auto-generate test certs at the >> beginning of the "ant test" target? > > In principle no. In theory, entropy issues? Good point. How many certificates do we need? Perhaps we could have an ant property that controls whether generation of a new certificate would happen or not. >> Also, it's possible to disable certain portions of the >> certificate-checking algorithm. Would it be worth it to >> implement those workarounds so that expired certs won't fail? > > I prefer the generation option. Okay. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVShQnAAoJEBzwKT+lPKRYcoQP/17dQROT3E6hXOyiEHVesPn+ 34qF75s3HXkjgI/aR6k1+74UHWwfaIXgfkHvb0aFrIh2rcnP9YKAlzNg/wA3iADN MfInjrlwu1shEAg1FkJw8vjzfgt4xoGnxOZ/1UEDrUQEdnSiHCqGP95x0upRjKQe 62oYIe8zDSbQL0v/AGgNtr6MGaZZ/VKwd/eLDFNC3Y0uGVlmDjAFYUNSPLgGKlDQ EicBNeAh365wPHTK/9fwmcuvcuiGUcs9ruoviJOZ2jSghcbdwJE4ONhlL7xuOAGv 3LfOdHA9XtAFJMW87SeZ9LfMZjdxc04yLorr5H3pBVHEesisPwHCl9WOL/yvkfEM st8lkQpCklykFpryx2e92s/c7K+2nK+ym5RcjU7cao1ImoDSU1w0cnvUctiJDqOf Tlh2+6IgOzuIF5BLMbK4bkk4UnLivzRy9XwEOBrfgkzenb1M2Sg/xgrBHHQLnpHr xeKYJTO7dgxrBZ2EYe9NTNoNqvUztt+bywk/uVcDbaVnjb0Kt0epaQJp5Cb5gFbS VHjXyawirg3FWQTFPl3MIq8cMmJBDSjsuN4O1MFfxXx7rrS74MGxTz1s/UjETU2C diC3iG/WpzI/ODkPXH00Cv0/bxrvkAL25YjShprhTFcOFhcA80ma53rlJtAlUeGV FYxV/5/hEMvxR10nfKJc =JiJE -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
