Hi Andrew,

I am facing cert issues when trying to build locally. Does this require any 
specific version of Java? Do I need to manually update certificates?

This is what I have:
$ java -version
java version "1.8.0_60"
Java(TM) SE Runtime Environment (build 1.8.0_60-b27)
Java HotSpot(TM) 64-Bit Server VM (build 25.60-b23, mixed mode)

This is the error I am getting:

[WARNING] Could not transfer metadata 
org.opendaylight.neutron:model:0.8.0-SNAPSHOT/maven-metadata.xml from/to 
opendaylight-snapshot (https://nexus.opendaylight.org/content/reposit
ories/opendaylight.snapshot/): sun.security.validator.ValidatorException: PKIX 
path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali
d certification path to requested target


-----Original Message-----
From: release-boun...@lists.opendaylight.org 
[mailto:release-boun...@lists.opendaylight.org] On Behalf Of Andrew Grimberg
Sent: 15 March 2017 22:31
To: OpenDaylight Discuss <discuss@lists.opendaylight.org>; OpenDaylight 
Infrastructure <infrastruct...@lists.opendaylight.org>; 
rele...@lists.opendaylight.org; t...@lists.opendaylight.org
Subject: Re: [release] Certificate changes

On 03/13/2017 04:56 PM, Andrew Grimberg wrote:
> On 03/13/2017 03:15 PM, Andrew Grimberg wrote:
>> Greetings folks,
>> Google release Chrome 57 last week and if you happen to have updated 
>> you may find you can't access portions of OpenDaylight. LF is aware 
>> of this and will have a fix in place in by EOD today.
>> -Andy-
> Greetings,
> The initial phase of this work is now done. All certificates except 
> for Nexus have been switched over to Let's Encrypt certificates. We 
> will be moving Nexus over tomorrow but as it's late in the day and we 
> understand that Java can be touchy about the certs we don't want to 
> make the change late in the business day even though we're certain it will 
> work.

Greetings folks,

I know I said that the cert change for nexus would happen yesterday.
However, given the issues that Jenkins was having with SNI it didn't happen. I 
have just now completed switching Nexus over to a Let's Encrypt (LE) 
certificate as well.

I do not anticipate any issues given that the LE's CA is cross-signed by a CA 
that is in the Oracle JDK trust store but just in case folks using that JDK 
suddenly can't do local builds anymore, please let us know!


Andrew J Grimberg
Lead, IT Release Engineering
The Linux Foundation

Discuss mailing list
  • [OpenDay... Andrew Grimberg
    • Re:... Andrew Grimberg
      • ... Luis Gomez
        • ... Michael Vorburger
        • ... Anil Belur
        • ... Andrew Grimberg
          • ... Andrew Grimberg
            • ... Andrew Grimberg
      • ... Andrew Grimberg
        • ... Vishal Thapar
          • ... Anil Belur
            • ... Vishal Thapar
              • ... Ivan Hra┼íko
                • ... Vishal Thapar
                • ... Colin Dixon
                • ... Ed Warnicke
                • ... Colin Dixon
                • ... Vishal Thapar
                • ... Daniel Malachovsky -X (dmalacho - PANTHEON TECHNOLOGIES at Cisco)
                • ... Mohamed ElSerngawy

Reply via email to