[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated NETBEANS-5956:
-
Labels: pull-request-available (was: )
> Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use
> in pom.xml
>
>
> Key: NETBEANS-5956
> URL: https://issues.apache.org/jira/browse/NETBEANS-5956
> Project: NetBeans
> Issue Type: Bug
> Components: editor - Completion Templates
>Affects Versions: 12.4, 12.5
>Reporter: Ronny Perinke
>Assignee: Benjamin Asbach
>Priority: Major
> Labels: pull-request-available
> Fix For: 12.6
>
> Attachments: image-2021-08-27-20-52-46-248.png
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> If you have a Maven project and open a pom.xml with xsi:schemalocation set,
> you will get an error from the IDE that the certificate of "*.apache.org"
> could not be verified. This seems to be an issue with the new wildcard cert.
> The certificate is accepted by the JRE trust-store as a quick check with
> jshell reveals.
> !image-2021-08-27-20-52-46-248.png!
> If you do not accept the certificate and the two from certificate chain, you
> lose auto-completion and schema validation for the pom.
> messages.log says
> {code:title=messages.log}
> INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
> certificate is not trusted by IDE TrustManager
> java.security.cert.CertificateException: The certificate is not trusted by
> IDE TrustManager
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
> at
> java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
> Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted
> by IDE TrustManager
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
> at
> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
> at
> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
> at
> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
> at
> org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
> [catch] at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
> at
>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Neil C Smith updated NETBEANS-5956:
---
Fix Version/s: (was: 12.5)
12.6
> Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use
> in pom.xml
>
>
> Key: NETBEANS-5956
> URL: https://issues.apache.org/jira/browse/NETBEANS-5956
> Project: NetBeans
> Issue Type: Bug
> Components: editor - Completion Templates
>Affects Versions: 12.4, 12.5
>Reporter: Ronny Perinke
>Priority: Major
> Fix For: 12.6
>
> Attachments: image-2021-08-27-20-52-46-248.png
>
>
> If you have a Maven project and open a pom.xml with xsi:schemalocation set,
> you will get an error from the IDE that the certificate of "*.apache.org"
> could not be verified. This seems to be an issue with the new wildcard cert.
> The certificate is accepted by the JRE trust-store as a quick check with
> jshell reveals.
> !image-2021-08-27-20-52-46-248.png!
> If you do not accept the certificate and the two from certificate chain, you
> lose auto-completion and schema validation for the pom.
> messages.log says
> {code:title=messages.log}
> INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
> certificate is not trusted by IDE TrustManager
> java.security.cert.CertificateException: The certificate is not trusted by
> IDE TrustManager
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
> at
> java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
> Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted
> by IDE TrustManager
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
> at
> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
> at
> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
> at
> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
> at
> org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
> [catch] at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
> at
>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benjamin Asbach updated NETBEANS-5956:
--
Affects Version/s: 12.5
> Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use
> in pom.xml
>
>
> Key: NETBEANS-5956
> URL: https://issues.apache.org/jira/browse/NETBEANS-5956
> Project: NetBeans
> Issue Type: Bug
> Components: editor - Completion Templates
>Affects Versions: 12.4, 12.5
>Reporter: Ronny Perinke
>Priority: Major
> Fix For: 12.5
>
> Attachments: image-2021-08-27-20-52-46-248.png
>
>
> If you have a Maven project and open a pom.xml with xsi:schemalocation set,
> you will get an error from the IDE that the certificate of "*.apache.org"
> could not be verified. This seems to be an issue with the new wildcard cert.
> The certificate is accepted by the JRE trust-store as a quick check with
> jshell reveals.
> !image-2021-08-27-20-52-46-248.png!
> If you do not accept the certificate and the two from certificate chain, you
> lose auto-completion and schema validation for the pom.
> messages.log says
> {code:title=messages.log}
> INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
> certificate is not trusted by IDE TrustManager
> java.security.cert.CertificateException: The certificate is not trusted by
> IDE TrustManager
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
> at
> java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
> Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted
> by IDE TrustManager
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
> at
> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
> at
> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
> at
> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
> at
> org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
> [catch] at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
> at
>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ronny Perinke updated NETBEANS-5956:
Description:
If you have a Maven project and open a pom.xml with xsi:schemalocation set, you
will get an error from the IDE that the certificate of "*.apache.org" could not
be verified. This seems to be an issue with the new wildcard cert. The
certificate is accepted by the JRE trust-store as a quick check with jshell
reveals.
!image-2021-08-27-20-52-46-248.png!
If you do not accept the certificate and the two from certificate chain, you
lose auto-completion and schema validation for the pom.
messages.log says
{code:title=messages.log}
INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
certificate is not trusted by IDE TrustManager
java.security.cert.CertificateException: The certificate is not trusted by IDE
TrustManager
at
org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
at
java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted by
IDE TrustManager
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
at
java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at
java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
at
java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
at
java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
at
java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
at
java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
at
org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
at
org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
[catch] at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
at
org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
at
org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
at
org.netbeans.modules.xml.schema.completion.util.CompletionContextImpl.initModels(CompletionContextImpl.java:938)
at
org.netbeans.modules.xml.schema.completion.CompletionQuery.getCompletionItems(CompletionQuery.java:343)
at
org.netbeans.modules.xml.schema.completion.CompletionQuery$ModelTask.run(CompletionQuery.java:310)
at
org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:1418)
at
org.netbeans.modules.openide.util.GlobalLookup.execute(GlobalLookup.java:45)
at org.openide.util.lookup.Lookups.executeWith(Lookups.java:278)
at
org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:2033)
{code}
{code:title=check with jshell}
jshell>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ronny Perinke updated NETBEANS-5956:
Priority: Major (was: Critical)
> Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use
> in pom.xml
>
>
> Key: NETBEANS-5956
> URL: https://issues.apache.org/jira/browse/NETBEANS-5956
> Project: NetBeans
> Issue Type: Bug
> Components: editor - Completion Templates
>Affects Versions: 12.4
>Reporter: Ronny Perinke
>Priority: Major
> Fix For: 12.5
>
> Attachments: image-2021-08-27-20-52-46-248.png
>
>
> If you have a Maven project and open a pom.xml with xsi:schemalocation set,
> you will get an error from the IDE that the certificate of "*.apache.org"
> could not be verified. This seems to be an issue with the new wildcard cert.
> The certificate is accepted by the JRE trust-store as a quick check with
> jshell reveals.
> !image-2021-08-27-20-52-46-248.png!
> If you do not accept the certificate and the two from certificate chain, you
> lose auto-completion and schema validation for the pom.
> messages.log says
> {code:title=messages.log}
> INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
> certificate is not trusted by IDE TrustManager
> java.security.cert.CertificateException: The certificate is not trusted by
> IDE TrustManager
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
> at
> java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
> Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted
> by IDE TrustManager
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
> at
> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
> at
> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
> at
> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
> at
> org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
> [catch] at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
> at
>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ronny Perinke updated NETBEANS-5956:
Description:
If you have a Maven project and open a pom.xml with xsi:schemalocation set, you
will get an error from the IDE that the certificate of "*.apache.org" could not
be verified. This seems to be an issue with the new wildcard cert. The
certificate is accepted by the JRE trust-store as a quick check with jshell
reveals.
!image-2021-08-27-20-52-46-248.png!
If you do not accept the certificate and the two from certificate chain, you
lose auto-completion and schema validation for the pom. *This must be repeated
after very restart of the IDE!*
messages.log says
{code:title=messages.log}
INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
certificate is not trusted by IDE TrustManager
java.security.cert.CertificateException: The certificate is not trusted by IDE
TrustManager
at
org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
at
java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted by
IDE TrustManager
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
at
java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at
java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
at
java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
at
java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
at
java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
at
java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
at
org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
at
org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
[catch] at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
at
org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
at
org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
at
org.netbeans.modules.xml.schema.completion.util.CompletionContextImpl.initModels(CompletionContextImpl.java:938)
at
org.netbeans.modules.xml.schema.completion.CompletionQuery.getCompletionItems(CompletionQuery.java:343)
at
org.netbeans.modules.xml.schema.completion.CompletionQuery$ModelTask.run(CompletionQuery.java:310)
at
org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:1418)
at
org.netbeans.modules.openide.util.GlobalLookup.execute(GlobalLookup.java:45)
at org.openide.util.lookup.Lookups.executeWith(Lookups.java:278)
at
org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:2033)
{code}
{code:title=check with jshell}
jshell>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ronny Perinke updated NETBEANS-5956:
Component/s: editor - Completion & Templates
> Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use
> in pom.xml
>
>
> Key: NETBEANS-5956
> URL: https://issues.apache.org/jira/browse/NETBEANS-5956
> Project: NetBeans
> Issue Type: Bug
> Components: editor - Completion Templates
>Affects Versions: 12.4
>Reporter: Ronny Perinke
>Priority: Critical
> Fix For: 12.5
>
> Attachments: image-2021-08-27-20-52-46-248.png
>
>
> If you have a Maven project and open a pom.xml with xsi:schemalocation set,
> you will get an error from the IDE that the certificate of "*.apache.org"
> could not be verified. This seems to be an issue with the new wildcard cert.
> The certificate is accepted by the JRE trust-store as a quick check with
> jshell reveals.
> !image-2021-08-27-20-52-46-248.png!
> If you do not accept the certificate and the two from certificate chain, you
> lose auto-completion and schema validation for the pom. *This must be
> repeated after very restart of the IDE!*
> messages.log says
> {code}
> INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
> certificate is not trusted by IDE TrustManager
> java.security.cert.CertificateException: The certificate is not trusted by
> IDE TrustManager
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
> at
> java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
> Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted
> by IDE TrustManager
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
> at
> java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
> at
> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
> at
> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
> at
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
> at
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
> at
> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
> at
> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
> at
> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
> at
> org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
> at
> org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
> [catch] at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
> at
> org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
> at
> org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
> at
>
[jira] [Updated] (NETBEANS-5956) Wildcard certificate of *.apache.org not accepted by IDE TrustManager for use in pom.xml
[
https://issues.apache.org/jira/browse/NETBEANS-5956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ronny Perinke updated NETBEANS-5956:
Description:
If you have a Maven project and open a pom.xml with xsi:schemalocation set, you
will get an error from the IDE that the certificate of "*.apache.org" could not
be verified. This seems to be an issue with the new wildcard cert. The
certificate is accepted by the JRE trust-store as a quick check with jshell
reveals.
!image-2021-08-27-20-52-46-248.png!
If you do not accept the certificate and the two from certificate chain, you
lose auto-completion and schema validation for the pom. *This must be repeated
after very restart of the IDE!*
messages.log says
{code}
INFO [org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl]: The
certificate is not trusted by IDE TrustManager
java.security.cert.CertificateException: The certificate is not trusted by IDE
TrustManager
at
org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever$1.checkServerTrusted(SecureURLResourceRetriever.java:114)
at
java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1442)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
Caused: javax.net.ssl.SSLHandshakeException: The certificate is not trusted by
IDE TrustManager
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
at
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
at
java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
at
java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at
java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
at
java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
at
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:422)
at
java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574)
at
java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
at
java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)
at
org.netbeans.modules.xml.retriever.impl.URLResourceRetriever.getInputStreamOfURL(URLResourceRetriever.java:144)
at
org.netbeans.modules.xml.retriever.impl.SecureURLResourceRetriever.retrieveDocument(SecureURLResourceRetriever.java:74)
[catch] at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:263)
at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.doGetModelSource(CatalogModelImpl.java:244)
at
org.netbeans.modules.xml.retriever.catalog.impl.CatalogModelImpl.getModelSource(CatalogModelImpl.java:167)
at
org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getCompletionModel(DefaultModelProvider.java:102)
at
org.netbeans.modules.xml.schema.completion.util.DefaultModelProvider.getModels(DefaultModelProvider.java:62)
at
org.netbeans.modules.xml.schema.completion.util.CompletionContextImpl.initModels(CompletionContextImpl.java:938)
at
org.netbeans.modules.xml.schema.completion.CompletionQuery.getCompletionItems(CompletionQuery.java:343)
at
org.netbeans.modules.xml.schema.completion.CompletionQuery$ModelTask.run(CompletionQuery.java:310)
at
org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:1418)
at
org.netbeans.modules.openide.util.GlobalLookup.execute(GlobalLookup.java:45)
at org.openide.util.lookup.Lookups.executeWith(Lookups.java:278)
at
org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:2033)
{code}
{code}
jshell>
