In this installation I am using 8u202 (really old). I am upgrading to 8u342.
[email protected] schrieb am Mittwoch, 3. August 2022 um 15:22:52 UTC+2: > What version of JDK 8 are you using? You really should consider upgrading > the JDK, as web browsers are tightening security requirements around SSL. > > Looks like you need at least 8u261 > ref: https://www.oracle.com/java/technologies/javase/8u261-relnotes.html > > On Wednesday, August 3, 2022 at 2:53:31 AM UTC-5 [email protected] > wrote: > >> >> Today I migrated a system from Karaf 4.3.7 to 4.4.1 and PAX-WEB 8.0.6. >> I have defined in etc/org.ops4j.pax.web.cfg the following property: >> >> org.ops4j.pax.web.ssl.protocols.included=TLSv1.2 >> >> However it seems that this property is no longer considered in PAX-WEB 8. >> At startup with java 8 I get the following error >> >> 2022.08.03 05:34:11,248 [paxweb-config-3-thread-1 (change controller)] >> [ERROR] [Activator] Unable to start Pax Web server: TLSv1.3 SSLContext not >> available [] [ java.security.NoSuchAlgorithmException: TLSv1.3 SSLContext >> not available at >> sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at >> javax.net.ssl.SSLContext.getInstance(SSLContext.java:156) at >> org.eclipse.jetty.util.ssl.SslContextFactory.getSSLContextInstance(SslContextFactory.java:1864) >> >> at >> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:316) >> >> at >> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244) >> >> at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) >> >> at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) >> >> at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) >> >> at >> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97) >> >> at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) >> >> at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) >> >> at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) >> >> at >> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:323) >> >> at >> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81) >> >> at >> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234) >> at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) >> >> at org.eclipse.jetty.server.Server.doStart(Server.java:401) at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) >> >> at >> org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper.start(JettyServerWrapper.java:623) >> >> at >> org.ops4j.pax.web.service.jetty.internal.JettyServerController.start(JettyServerController.java:109) >> >> at >> org.ops4j.pax.web.service.internal.Activator.performConfiguration(Activator.java:551) >> >> at >> org.ops4j.pax.web.service.internal.Activator.updateController(Activator.java:441) >> >> at >> org.ops4j.pax.web.service.internal.Activator.lambda$updateServerControllerFactory$1(Activator.java:347) >> >> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) >> at java.util.concurrent.FutureTask.run(FutureTask.java:266) at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) >> >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) >> >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) >> >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) >> >> at java.lang.Thread.run(Thread.java:748) ] >> >> With the following properties in etc/org.ops4j.pax.web.cfg it starts: >> >> org.ops4j.pax.web.ssl.protocol=TLSv1.2 >> >> In >> https://github.com/ops4j/org.ops4j.pax.web/blob/main/pax-web-api/src/main/java/org/ops4j/pax/web/service/PaxWebConfig.java#L213 >> >> is documented that org.ops4j.pax.web.ssl.protocol defaults to TLSv1.2. >> But I think this is not correct. >> >> Regards >> >> Richard >> >> >> >> >> >> >> -- -- ------------------ OPS4J - http://www.ops4j.org - [email protected] --- You received this message because you are subscribed to the Google Groups "OPS4J" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ops4j/12fb1c73-3f31-4216-8919-0fed7250d628n%40googlegroups.com.
