JDK-6913898 : Need providing user friendly message when encounting exception for pre-trusted certificate
- Type: Bug
- Component: deploy
- Sub-Component: deployment_toolkit
- Affected Version: 6u18
- Priority: P3
- Status: Closed
- Resolution: Fixed
- OS: windows_nt
- CPU: x86
- Submitted: 2010-01-04
- Updated: 2010-09-16
- Resolved: 2010-06-01
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 |
|---|---|
6u21 b01Fixed  |
7Fixed |
Description
When customer is running a Java store application, sometimes you will get this exception:
sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: java.io.IOException: Response is unreliable: its validity interval is out-of-date
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareLaunchFile(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertPathValidatorException: java.io.IOException: Response is unreliable: its validity interval is out-of-date
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
at java.security.cert.CertPathValidator.validate(Unknown Source)
... 16 more
Caused by: java.io.IOException: Response is unreliable: its validity interval is out-of-date
at sun.security.provider.certpath.OCSPResponse$SingleResponse.<init>(Unknown Source)
at sun.security.provider.certpath.OCSPResponse$SingleResponse.<init>(Unknown Source)
at sun.security.provider.certpath.OCSPResponse.<init>(Unknown Source)
at sun.security.provider.certpath.OCSPChecker.check(Unknown Source)
... 20 more
This is due to the system clock on user's machine doesn't setup correctly.
The Java store application is signed by Sun pre-trusted certificate, which is going to check revocation OCSP by default, if the system clock isn't setup correctly, it will throw the above exception occasionally.
Comments
|