【问题标题】:Java security issue while downloading gradle plugins in ubuntu在 ubuntu 中下载 gradle 插件时出现 Java 安全问题
【发布时间】:2018-06-26 13:56:32
【问题描述】:

我们的 gradle 构建使用 SVN 工具插件,在 windows 上运行没有问题。使用构建问题的构建脚本部分如下所示:

buildscript {
    repositories {
        maven {
            url "https://plugins.gradle.org/m2/"
        }
    }
    dependencies {
        classpath "at.bxm.gradleplugins:gradle-svntools-plugin:2.2.1"
    }
}
apply plugin: "at.bxm.svntools"

我尝试在 ubuntu Ubuntu 18.04 LTS 上运行相同的构建,但收到以下错误消息:

Could not resolve all artifacts for configuration ':classpath'.
   > Could not resolve at.bxm.gradleplugins:gradle-svntools-plugin:2.2.1.
     Required by:
         project :
      > Could not resolve at.bxm.gradleplugins:gradle-svntools-plugin:2.2.1.
         > Could not get resource 'https://plugins.gradle.org/m2/at/bxm/gradleplugins/gradle-svntools-plugin/2.2.1/gradle-svntools-plugin-2.2.1.pom'.
            > Could not GET 'https://plugins.gradle.org/m2/at/bxm/gradleplugins/gradle-svntools-plugin/2.2.1/gradle-svntools-plugin-2.2.1.pom'.
               > java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

我在两台机器上使用相同版本的 Java 和 Gradle。 StackTrace 显示 SSL 证书存在一些问题。我应该怎么做才能在我的脚本中使用 gradle 插件存储库?

Caused by: org.gradle.internal.resource.transport.http.HttpRequestException: Could not GET 'https://plugins.gradle.org/m2/at/bxm/gradleplugins/gradle-svntools-plugin/2.2.1/gradle-svntools-plugin-2.2.1.pom'.
        at org.gradle.internal.resource.transport.http.HttpClientHelper.performRequest(HttpClientHelper.java:96)
        at org.gradle.internal.resource.transport.http.HttpClientHelper.performRawGet(HttpClientHelper.java:80)
        at org.gradle.internal.resource.transport.http.HttpClientHelper.performGet(HttpClientHelper.java:84)
        at org.gradle.internal.resource.transport.http.HttpResourceAccessor.openResource(HttpResourceAccessor.java:43)
        at org.gradle.internal.resource.transport.http.HttpResourceAccessor.openResource(HttpResourceAccessor.java:29)
        at org.gradle.internal.resource.transfer.DefaultExternalResourceConnector.openResource(DefaultExternalResourceConnector.java:56)
        at org.gradle.internal.resource.transfer.ProgressLoggingExternalResourceAccessor.openResource(ProgressLoggingExternalResourceAccessor.java:37)
        at org.gradle.internal.resource.transfer.AccessorBackedExternalResource.withContentIfPresent(AccessorBackedExternalResource.java:130)
        at org.gradle.internal.resource.BuildOperationFiringExternalResourceDecorator$11.call(BuildOperationFiringExternalResourceDecorator.java:237)
        at org.gradle.internal.resource.BuildOperationFiringExternalResourceDecorator$11.call(BuildOperationFiringExternalResourceDecorator.java:229)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$CallableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:331)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$CallableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:321)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:185)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.call(DefaultBuildOperationExecutor.java:107)
        at org.gradle.internal.operations.DelegatingBuildOperationExecutor.call(DelegatingBuildOperationExecutor.java:36)
        at org.gradle.internal.resource.BuildOperationFiringExternalResourceDecorator.withContentIfPresent(BuildOperationFiringExternalResourceDecorator.java:229)
        at org.gradle.internal.resource.transfer.DefaultCacheAwareExternalResourceAccessor.copyToCache(DefaultCacheAwareExternalResourceAccessor.java:199)
        ... 153 more
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373)
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
        at org.gradle.internal.resource.transport.http.HttpClientHelper.performHttpRequest(HttpClientHelper.java:148)
        at org.gradle.internal.resource.transport.http.HttpClientHelper.performHttpRequest(HttpClientHelper.java:126)
        at org.gradle.internal.resource.transport.http.HttpClientHelper.executeGetOrHead(HttpClientHelper.java:103)
        at org.gradle.internal.resource.transport.http.HttpClientHelper.performRequest(HttpClientHelper.java:94)
        ... 169 more
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
        ... 184 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
        ... 184 more

【问题讨论】:

  • 如果您使用的是openjdk,请尝试使用oracle jdk。 openjdk 没有提供完整的 ca-certs。
  • 谢谢@gagansingh。首先我有OpenJDK 10,但我删除了它并安装了oracle jdk 8,但我仍然遇到同样的错误

标签: java ssl gradle ssl-certificate gradle-plugin


【解决方案1】:

问题是cacerts。删除 OpenJDK 并安装 oracle JDK8 是不够的。您应该更新/etc/ssl/certs/java/cacerts(删除 cacerts 并从 {ORACLE_JDK_HOME}/jre/lib/security/cacerts 复制新的)。 我第一次这样做我跑了

update-ca-certificates --fresh

但后来它不起作用所以下次我再次复制证书而不运行 update-ca-certificates --fresh 并且它起作用了

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2019-04-22
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多