Opened 8 years ago

Closed 8 years ago

Last modified 6 years ago

#14118 closed defect (fixed)

JOSM doesn't start - CertificateException: Response is unreliable: its validity interval is out-of-date

Reported by: Klumbumbus
Owned by: team
Priority: blocker
Milestone: 16.12
Component: Core Webstart
Version:
Keywords:
Cc: stoecker

Description

I can't start josm or josm-latest via jnlp since today. josm-latest.jnlp is downloaded fresh from server.
I get this error:

Java Web Start 11.111.2.14 x86
JRE-Version verwenden 1.8.0_111-b14 Java HotSpot(TM) Client VM
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
	at sun.security.ssl.Alerts.getSSLException(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
	at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
	at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
	at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
	at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
	at sun.security.ssl.Handshaker.processLoop(Unknown Source)
	at sun.security.ssl.Handshaker.process_record(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
	at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
	at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
	at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.AccessController.doPrivilegedWithCombiner(Unknown Source)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
	at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
	at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
	at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
	at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)
	at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)
	at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
	at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
	at com.sun.javaws.Launcher.updateFinalLaunchDesc(Unknown Source)
	at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
	at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
	at com.sun.javaws.Launcher.launch(Unknown Source)
	at com.sun.javaws.Main.launchApp(Unknown Source)
	at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
	at com.sun.javaws.Main.access$000(Unknown Source)
	at com.sun.javaws.Main$1.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
	at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
	at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
	at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
	at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
	at com.sun.deploy.security.RevocationCheckHelper.checkRevocationStatus(Unknown Source)
	at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
	at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
	at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
	... 34 more
	Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
		at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
		... 41 more
Caused by: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
	at sun.security.provider.certpath.OCSPResponse.verify(Unknown Source)
	at sun.security.provider.certpath.OCSP.check(Unknown Source)
	at sun.security.provider.certpath.OCSP.check(Unknown Source)
	at sun.security.provider.certpath.OCSP.check(Unknown Source)
	at com.sun.deploy.security.RevocationChecker$2.run(Unknown Source)
	at com.sun.deploy.security.RevocationChecker$2.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.sun.deploy.security.RevocationChecker.doPrivilegedOCSPCheck(Unknown Source)
	... 42 more
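
The message in the trace above is raised by the OCSP freshness check in `sun.security.provider.certpath.OCSPResponse.verify`, which compares the response's thisUpdate/nextUpdate fields with the client's clock. The following is an added illustration of that rule, not JOSM or JDK code: the class and method names, the 15-minute skew tolerance and all timestamps are constructed assumptions.

```java
import java.time.Duration;
import java.time.Instant;

public class OcspFreshness {
    // Assumed tolerance for clock differences between client and responder.
    static final Duration SKEW = Duration.ofMinutes(15);

    enum Verdict { FRESH, NOT_YET_VALID, EXPIRED }

    // nextUpdate may be null; the response then vouches only for thisUpdate.
    static Verdict check(Instant now, Instant thisUpdate, Instant nextUpdate) {
        Instant upper = (nextUpdate != null) ? nextUpdate : thisUpdate;
        if (now.plus(SKEW).isBefore(thisUpdate)) {
            return Verdict.NOT_YET_VALID;   // response is dated in the client's future
        }
        if (now.minus(SKEW).isAfter(upper)) {
            return Verdict.EXPIRED;         // responder served a stale response
        }
        return Verdict.FRESH;
    }

    public static void main(String[] args) {
        // Constructed "current time" on the client; not taken from the ticket.
        Instant now = Instant.parse("2020-01-10T12:00:00Z");
        String[] labels = {
            "fresh response",
            "stale response still served by responder",
            "just past nextUpdate, inside skew window",
            "client clock behind responder",
            "no nextUpdate, thisUpdate one hour old",
        };
        Instant[][] cases = {
            { now.minus(Duration.ofHours(1)), now.plus(Duration.ofDays(3)) },
            { now.minus(Duration.ofDays(4)),  now.minus(Duration.ofHours(2)) },
            { now.minus(Duration.ofDays(3)),  now.minus(Duration.ofMinutes(10)) },
            { now.plus(Duration.ofHours(1)),  now.plus(Duration.ofDays(3)) },
            { now.minus(Duration.ofHours(1)), null },
        };
        for (int i = 0; i < cases.length; i++) {
            Verdict v = check(now, cases[i][0], cases[i][1]);
            System.out.printf("%-42s %s%n", labels[i], v);
        }
    }
}
```

A wrong client clock and a responder that keeps serving an old response both end in the same exception, so compare the response's thisUpdate/nextUpdate against a trusted time source before changing anything on the server side.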

Change History (9)

comment:1 by rehan727@…, 8 years ago

Facing this issue myself as well.

comment:2 by Klumbumbus, 8 years ago

BTW: the jnlp file contains <j2se version="1.7+"/> shouldn't it be 1.8+?

in reply to:  2 comment:3 by Don-vip, 8 years ago

Replying to Klumbumbus:

> BTW: the jnlp file contains <j2se version="1.7+"/> shouldn't it be 1.8+?

Yes. Fixed

comment:4 by Don-vip, 8 years ago

Milestone: 16.12

comment:5 by Don-vip, 8 years ago

Cc: stoecker added

I don't understand why we get the error, I indeed revoked a certificate but I'm sure we're using another one. I have contacted Certum, I hope they'll answer tomorrow.

@Dirk, team: After three years I'm really tired of certificate management issues and no longer want to do it next year. Is there someone who's willing to pick it up?

comment:6 by stoecker, 8 years ago

If necessary I'll do it, but actually I hate that too...

But I manage many dozens of certificates, so some more don't count.

Last edited 8 years ago by stoecker

comment:7 by Klumbumbus, 8 years ago

jnlp works for me again

comment:8 by Don-vip, 8 years ago

I changed nothing, looks like Certum fixed the issue on their side. Waiting for their feedback before closing the ticket.

comment:9 by Don-vip, 8 years ago

Resolution: fixed
Status: new → closed