Using a particular jdk build

sindrit · September 19, 2016, 9:37am

I have a project with tests that call a web service via https. The web service (https://html5.validator.nu/) uses an Let’s Encrypt issued SSL certificate and the Java 8 version used by CircleCI does not trust it.

This results in sbt.ForkMain$ForkError: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

As far as I know this is resolved by using the latest Java 8 (8u101).

Is there a way to choose to use a particular Java 8 release?

sindrit · September 20, 2016, 2:23pm

I resolved this by fetching the Let’s Encrypt root certificates and adding them to my project as conf/lets-encrypt-x3-cross-signed.pem.

Then adding

dependencies:
  override:
    - sudo keytool -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -importcert -file conf/lets-encrypt-x3-cross-signed.pem

to circle.yml

FelicianoTech · September 20, 2016, 8:18pm

Thanks for sharing your solution. I opened a PR for Java 8u101 support. Hopefully we can get that in when the next image update drops. (This PR is for the Ubuntu 14.04 image).

Topic		Replies	Views
Repo.maven.apache.org certificate issues today Build Environment	7	3216	June 18, 2018
Using OpenJDK 8 Build Environment java , known-issue	5	6177	June 18, 2018
CircleCi 2.0 - Java Cryptography Extension (JCE) unlimited strength Programming Languages docker , java	1	1856	June 18, 2018
Install SSL Certificate Build Environment	3	3130	June 18, 2018
Phabricator Issue using CircleCI Integrations and Accounts	3	1225	June 18, 2018

Using a particular jdk build

Related topics