the trustAnchors parameter must be non-empty for jdk7-jaxp-m5.zip
Andrew John Hughes
ahughes at redhat.com
Wed Mar 17 08:38:55 PDT 2010
On 23 November 2009 04:57, Michael Franz <mvfranz at gmail.com> wrote:
> Hi,
>
> I did a new fclone of the bsd repo today. When running the build I get the
> following error:
> javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors parameter
> must be non-empty
>
This is because the cacerts keystore doesn't have any certificates in
it. All local OpenJDK builds will be like this.
You need to do something like:
for c in /usr/share/ca-certificates/*/*.crt; do
openssl x509 -text -in "${c}" >> all.crt || die
done
./generate-cacerts.pl keytool all.crt || die
generate-cacerts.pl is available from
http://cvs.fedoraproject.org/viewvc/rpms/ca-certificates/F-12/generate-cacerts.pl?revision=1.2
keytool should point to the keytool binary from the JDK you are using to build.
> I tried to download the zip file using wget and get the following error:
> --2009-11-22 23:53:14--
> https://jaxp.dev.java.net/files/documents/913/144160/jdk7-jaxp-m5.zip
> Resolving jaxp.dev.java.net... 204.16.104.198
> Connecting to jaxp.dev.java.net|204.16.104.198|:443... connected.
> ERROR: cannot verify jaxp.dev.java.net's certificate, issued by
> `/C=US/O=Equifax/OU=Equifax Secure Certificate Authority':
> Unable to locally verify the issuer's authority.
> To connect to jaxp.dev.java.net insecurely, use `--no-check-certificate'.
> Unable to establish SSL connection.
>
> Is anyone else having problems downloading?
>
> Michael
>
>
>
>
--
Andrew :-)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
More information about the bsd-port-dev
mailing list