Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Require 'openssl' throws OpenSSL::X509::StoreError #4043

Closed
arcelan opened this issue Jul 30, 2016 · 1 comment
Closed

Require 'openssl' throws OpenSSL::X509::StoreError #4043

arcelan opened this issue Jul 30, 2016 · 1 comment

Comments

@arcelan
Copy link

arcelan commented Jul 30, 2016

Our experiment enviroment is:

  • OS: Solaris 11
  • JDK: Self-compiled Openjdk 8
  • JRuby: 9.1.2.0

When typing require 'openssl' in the irb, it will throw OpenSSL::X509::StoreError.
The ouput of the terminal is:

OpenSSL::X509::StoreError: setting default path failed: the trustAnchors parameter must be non-empty
        from org/jruby/ext/openssl/X509Store.java:185:in `set_default_paths'
        from /root/jruby/jruby-9.1.2.0/lib/ruby/stdlib/jopenssl/load.rb:25:in `<top>'
        from org/jruby/RubyKernel.java:944:in `require'
        from /root/jruby/jruby-9.1.2.0/lib/ruby/stdlib/rubygems/core_ext/kernel_require.rb:1:in `(root)'
        from /root/jruby/jruby-9.1.2.0/lib/ruby/stdlib/rubygems/core_ext/kernel_require.rb:55:in `<top>'
        from org/jruby/RubyKernel.java:944:in `require'
        from /root/jruby/jruby-9.1.2.0/lib/ruby/stdlib/openssl.rb:1:in `(root)'
        from /root/jruby/jruby-9.1.2.0/lib/ruby/stdlib/rubygems/core_ext/kernel_require.rb:1:in `<eval>'
        from org/jruby/RubyKernel.java:983:in `eval'
        from /root/jruby/jruby-9.1.2.0/lib/ruby/stdlib/rubygems/core_ext/kernel_require.rb:55:in `require'
        from (irb):1:in `evaluate'
        from org/jruby/RubyKernel.java:1290:in `loop'
        from org/jruby/RubyKernel.java:1103:in `catch'
        from org/jruby/RubyKernel.java:1103:in `catch'
        from /root/jruby/jruby-9.1.2.0/bin/irb:13:in `<top>'

However, if we use the JDK provided by Oracle, require 'openssl' won't throw any errors.

The java -version and javac -version of the self-compiled JDK are able to show the correct versions. We test the self-compiled JDK can successfully compile the Java source code into class file and execute the generated class file.

The generated directory of our self-compiled OpenJDK is as follow:

_the.CORBA.binaries.imported  btclasses_rmic                gen_profile_3                 gensrc_jdwp_headers           jce
bin                           classes                       gendocsrc_rmic                gensrc_no_srczip              lib
break_iterator                classes_security              gensrc                        gensrc_x11wrappers            objs
btbin                         gen_profile_1                 gensrc_headers                impsrc
btclasses                     gen_profile_2                 gensrc_jdwp_doc               include
@arcelan arcelan closed this as completed Aug 4, 2016
@arcelan
Copy link
Author

arcelan commented Aug 4, 2016

By default, the OpenJDK build creates an empty trusted certificate
authority keystore ($JAVA_HOME/jre/lib/security/cacerts)

@enebo enebo added this to the Invalid or Duplicate milestone Aug 26, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants