It seems that I can work around this by using Java 1.8.0_162, an older JDK. The OkHttp upgrade is the right path but we need to move beyond the 2.x branch. Our code is rusting...
On Thu, Apr 30, 2020 at 05:28:31PM +0200, Ignasi Barrera wrote: > Without having went into details here... Could properly fixing > https://github.com/apache/jclouds/pull/63 resolve the issue then? > > On Wed, Apr 29, 2020 at 4:26 PM Andrew Gaul <g...@apache.org> wrote: > > > On Wed, Apr 29, 2020 at 11:15:48PM +0900, Andrew Gaul wrote: > > > On Sun, Apr 26, 2020 at 08:39:01PM +0900, Andrew Gaul wrote: > > > > I propose releasing 2.2.1 in next week since it has been 6 months since > > > > 2.2.0. This coincides with Golden Week in my country where I have 29 > > > > April and 2-6 May for shelter-in-place vacation. Could we merge any > > > > open pull requests and get a quorum of release testers? > > > > > > Sigh, I tried to do this earlier tonight and hit the following error: > > > > > > Failed tests: > > > > > > > JavaUrlHttpCommandExecutorServiceIntegrationTest>BaseHttpCommandExecutorServiceIntegrationTest.testGetStringRedirect:203 > > » HttpResponse > > > > > > > JavaUrlHttpCommandExecutorServiceIntegrationTest>BaseHttpCommandExecutorServiceIntegrationTest.testPostRedirect:354 > > » HttpResponse > > > > > > > JavaUrlHttpCommandExecutorServiceIntegrationTest>BaseHttpCommandExecutorServiceIntegrationTest.testPutRedirect:511 > > » HttpResponse > > > > > > Caused by: > > > > > > Caused by: java.security.cert.CertPathValidatorException: Algorithm > > constraints check failed on keysize limits. RSA 1024bit key used with > > certificate: CN=watson. Usage was tls server > > > > > > I know we have hit this before and it is some newer JDK 8 issue. Oddly > > > is only appears with the release script and not local development. Any > > > idea where I have gone awry? I suspect we need to regenerate some > > > test-only certificate at 2048 bits. > > > > Ah, integration test and not unit test, appears on both master and 2.2.x > > using Java 1.8.0_242. Vaguely remember needing to set some JAVA_OPTIONS > > environment variable as a workaround for insecure TLS, will investigate > > more tomorrow. > > > > -- > > Andrew Gaul > > http://gaul.org/ > > -- Andrew Gaul http://gaul.org/
