Using a particular jdk build

java

#1

I have a project with tests that call a web service via https. The web service (https://html5.validator.nu/) uses an Let’s Encrypt issued SSL certificate and the Java 8 version used by CircleCI does not trust it.

This results in sbt.ForkMain$ForkError: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

As far as I know this is resolved by using the latest Java 8 (8u101).

Is there a way to choose to use a particular Java 8 release?


#2

I resolved this by fetching the Let’s Encrypt root certificates and adding them to my project as conf/lets-encrypt-x3-cross-signed.pem.

Then adding

dependencies:
  override:
    - sudo keytool -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -importcert -file conf/lets-encrypt-x3-cross-signed.pem

to circle.yml


#3

Thanks for sharing your solution. I opened a PR for Java 8u101 support. Hopefully we can get that in when the next image update drops. (This PR is for the Ubuntu 14.04 image).


#4