Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-8532

Cannot validate remote-poller code certificate JRE 8u74 or newer

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 17.1.0
    • Fix Version/s: 18.0.3, 19.0.0
    • Component/s: Remote Polling
    • Security Level: Default (Default Security Scheme)
    • Labels:
      None

      Description

      With JRE 8 update 74 or newer, when trying to run remote poller agent on windows (tried 8.1 and 2008), it can't validate certificate for otg.opennms.features.poller.remote.jar.

      I think it's related to a Thawte intermediate SHA1 certificate that was removed. Tried to fix it installing old Thawte certs in java vault without luck.

      This is the complete exception. It says (translated from spanish): Couldn't verify signature for resource http://...

      ava.security.cert.CertificateException: No se ha podido verificar la firma del recurso: http://192.168.3.215:8980/opennms-remoting/webstart/org.opennms.features.poller.remote.jar
      at com.sun.deploy.security.TrustDecider.ensureAllJarEntriesSigned(Unknown Source)
      at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
      at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
      at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)
      at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
      at com.sun.deploy.security.DeployURLClassLoader.getResourcePermission(Unknown Source)
      at com.sun.deploy.security.DeployURLClassLoader.getResourceAsStream(Unknown Source)
      at org.springframework.core.io.ClassPathResource.getInputStream(ClassPathResource.java:166)
      at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:329)
      at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:303)
      at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180)
      at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:216)
      at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:187)
      at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:251)
      at org.springframework.context.support.AbstractXmlApplicationContext.loadBeanDefinitions(AbstractXmlApplicationContext.java:127)
      at org.springframework.context.support.AbstractXmlApplicationContext.loadBeanDefinitions(AbstractXmlApplicationContext.java:93)
      at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:129)
      at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:540)
      at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:454)
      at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:139)
      at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:93)
      at org.opennms.poller.remote.Main.createAppContext(Main.java:294)
      at org.opennms.poller.remote.Main.run(Main.java:167)
      at org.opennms.poller.remote.Main.main(Main.java:398)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at com.sun.javaws.Launcher.executeApplication(Unknown Source)
      at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
      at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
      at com.sun.javaws.Launcher.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)
      Caused by: com.sun.deploy.net.JARSigningException: No se ha podido verificar la firma del recurso: http://192.168.3.215:8980/opennms-remoting/webstart/org.opennms.features.poller.remote.jar
      ... 33 more

      Regards,
      Tomás

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ranger Benjamin Reed
                Reporter:
                theredia Tomás Heredia
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: