2015-05-06 15:52 GMT+03:00 Christopher Schultz > > Mark, > > On 5/6/15 8:03 AM, Mark Thomas wrote: >> On 06/05/2015 10:43, Arjit Gupta wrote: >>> Hello Tomcat Community, >>> >>> I am building tomcat 7.0.59 with java7 on HP-UX(OS) itanium(IA64) >>> processor. After building it successful I am running *ant test*. >>> Which is failing due to exception which is as below: >>> >>> Testcase: testSimpleSsl took 4.085 sec Caused an ERROR >>> sun.security.validator.ValidatorException: PKIX path validation >>> failed: java.security.cert.CertPathValidatorException: timestamp >>> check failed javax.net.ssl.SSLHandshakeException: >> >> <snip/> >> >>> I have manually tested the ssl functionality on Tomcat by >>> enabling it from server.xml .It is working fine. Please suggest >>> the plausible cause of the above exception. >> >> The test certificates used in the unit tests have expired. >> >>> Is the this exception is coming due to some problem in build or >>> some configuration issue in OS? >> >> No. > > Is there any reason not to auto-generate test certs at the beginning > of the "ant test" target? > > Also, it's possible to disable certain portions of the > certificate-checking algorithm. Would it be worth it to implement > those workarounds so that expired certs won't fail?
1) Document this issue in BUILDING.txt 2) Usually people can get recent certificates from our source tree in svn and swap them in. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
