[
https://issues.apache.org/jira/browse/PDFBOX-4920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17162528#comment-17162528
]
Tilman Hausherr edited comment on PDFBOX-4920 at 7/22/20, 6:43 AM:
-------------------------------------------------------------------
I got it (build 11). That call can be blocking, because Linux thinks there
isn't enough entropy available:
https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/
We did not have the effect on 2.0.*, because there we don't initialize with
{{SecureRandom.getInstanceStrong()}}.
was (Author: tilman):
I got it. That call can be blocking, because Linux thinks there isn't enough
entropy available:
https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/
We did not have the effect on 2.0.*, because there we don't initialize with
{{SecureRandom.getInstanceStrong()}}.
> OCSP validation takes very long in ci build
> -------------------------------------------
>
> Key: PDFBOX-4920
> URL: https://issues.apache.org/jira/browse/PDFBOX-4920
> Project: PDFBox
> Issue Type: Bug
> Affects Versions: 3.0.0 PDFBox
> Reporter: Tilman Hausherr
> Priority: Major
>
> The trunk and sonar builds take very long since the change to validate the
> certificates of the timestamp
> {quote}
> Jul 21, 2020 5:51:08 PM
> org.apache.pdfbox.examples.signature.cert.CertificateVerifier extractOCSPURL
> INFO: OCSP URL: http://www.freetsa.org:2560
> Jul 21, 2020 5:57:55 PM org.apache.pdfbox.examples.signature.cert.OcspHelper
> checkNonce
> INFO: Nonce is good{quote}
> This doesn't happen in the 2.0 build, and doesn't happen on my machine. I'll
> add some log output.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
