java.security.cert.CertPathValidatorException

There are no available Samebug tips for this exception. Do you have an idea how to solve this issue? A short tip would help users who saw this issue last week.

  • trying to update list of plugins from http://mirrors.karan.org/jenkins/updates/update-center.json Provides a signing certificate : MIIDezCCAmMCBQDerb7wMA0GCSqGSIb3DQEBBAUAMIGKMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxGDAWBgNVBAoTD0plbmtpbnMgUHJvamVjdDEaMBgGA1UEAxMRS29oc3VrZSBLYXdhZ3VjaGkxHTAbBgkqhkiG9w0BCQEWDmtrQGtvaHN1a2Uub3JnMB4XDTExMDQxOTA3MzUwNFoXDTEyMDQxODA3MzUwNFoweDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExGDAWBgNVBAoTD0plbmtpbnMgUHJvamVjdDEeMBwGA1UECxMVRGVmYXVsdCBVcGRhdGUgQ2VudGVyMRowGAYDVQQDExFLb2hzdWtlIEthd2FndWNoaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANRDu439lC/Ie+LlQ42vYICZZ9aIA8+poXhJLt1Mhosz+zFGCdljWTvO3/wxNx7uA053YTIKu73cSAxVjWK8Qfhv19hKXNKe7wvHZF0y6VbSKqKctjXsm/4nWrGr61FTIxr3LcM3byx/vJ0tykQmiDc5/oov7MmUpBLSg1yCyO70t1/NxyYy7xCreU2G1x2w+RxFakfIaLK9r33FcFH+mrEzQZHxoxlg3AuLn1WDz9+mRMvCEEZU6AQh07gBG8f8dOV9ot2vaknkF+w4OTsDdUdXY5sNghr6yQTLU8++0u/f9N8j+cP07C39OWnIjloBt3WVuhSuw83IqOJHoYh85wUCAwEAATANBgkqhkiG9w0BAQQFAAOCAQEAfAte7k2JdwxS32FkJLj6i81wDaI8EUGoN2sbTRgFs/nXMxG1RuboPRLbz63IL/eRBvcUbq1RD+7UnrFjDkmN8SQlN90w3ODobOJv3U1zaJ01ehNa3CRgsCcIRjITtSWD+b2132rR9G2a7ZXD8GQ+50QhkG6SVwPwo/mklkleRb5WTcSCKrmHvZPsxCtrMSbw6OL1dM9h0j8vLaIMpxkCoJotajsTjP94LfP4z1JU4ifXaC/uXdugoQ9t6+0n+qrsYdI4JHV9OI5nMEJ5bdhvxAzA8enj/hZ9i/lekoUurc2W87dHdO46Kyt1PjCYS4LGVRsjeh04cCocajIVL2zM0w== Once dumped : Certificate: Data: Version: 1 (0x0) Serial Number: 3735928560 (0xdeadbef0) Signature Algorithm: md5WithRSAEncryption Issuer: C=US, ST=California, L=San Jose, O=Jenkins Project, CN=Kohsuke Kawaguchi/emailAddress=kk@kohsuke.org Validity Not Before: Apr 19 07:35:04 2011 GMT Not After : Apr 18 07:35:04 2012 GMT Subject: C=US, ST=California, O=Jenkins Project, OU=Default Update Center, CN=Kohsuke Kawaguchi => certificate expired this morning. this leads to the following exception when trying to refresh plugins list: 18 avr. 2012 15:28:23 hudson.model.UpdateSite doPostBack GRAVE: <div class=error><img src='/static/10b6d8c8/images/none.gif' height=16 width=1>Signature verification failed in the update center &#039;default&#039; <a href='#' class='showDetails'>(show details)</a><pre style='display:none'>java.security.cert.CertPathValidatorException: timestamp check failed at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source) at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source) (zip) => certificate should be renewed => as a workaround, we could be able to bypass signature validation
    via by Florent Revelut,
  • trying to update list of plugins from http://mirrors.karan.org/jenkins/updates/update-center.json Provides a signing certificate : MIIDezCCAmMCBQDerb7wMA0GCSqGSIb3DQEBBAUAMIGKMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxGDAWBgNVBAoTD0plbmtpbnMgUHJvamVjdDEaMBgGA1UEAxMRS29oc3VrZSBLYXdhZ3VjaGkxHTAbBgkqhkiG9w0BCQEWDmtrQGtvaHN1a2Uub3JnMB4XDTExMDQxOTA3MzUwNFoXDTEyMDQxODA3MzUwNFoweDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExGDAWBgNVBAoTD0plbmtpbnMgUHJvamVjdDEeMBwGA1UECxMVRGVmYXVsdCBVcGRhdGUgQ2VudGVyMRowGAYDVQQDExFLb2hzdWtlIEthd2FndWNoaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANRDu439lC/Ie+LlQ42vYICZZ9aIA8+poXhJLt1Mhosz+zFGCdljWTvO3/wxNx7uA053YTIKu73cSAxVjWK8Qfhv19hKXNKe7wvHZF0y6VbSKqKctjXsm/4nWrGr61FTIxr3LcM3byx/vJ0tykQmiDc5/oov7MmUpBLSg1yCyO70t1/NxyYy7xCreU2G1x2w+RxFakfIaLK9r33FcFH+mrEzQZHxoxlg3AuLn1WDz9+mRMvCEEZU6AQh07gBG8f8dOV9ot2vaknkF+w4OTsDdUdXY5sNghr6yQTLU8++0u/f9N8j+cP07C39OWnIjloBt3WVuhSuw83IqOJHoYh85wUCAwEAATANBgkqhkiG9w0BAQQFAAOCAQEAfAte7k2JdwxS32FkJLj6i81wDaI8EUGoN2sbTRgFs/nXMxG1RuboPRLbz63IL/eRBvcUbq1RD+7UnrFjDkmN8SQlN90w3ODobOJv3U1zaJ01ehNa3CRgsCcIRjITtSWD+b2132rR9G2a7ZXD8GQ+50QhkG6SVwPwo/mklkleRb5WTcSCKrmHvZPsxCtrMSbw6OL1dM9h0j8vLaIMpxkCoJotajsTjP94LfP4z1JU4ifXaC/uXdugoQ9t6+0n+qrsYdI4JHV9OI5nMEJ5bdhvxAzA8enj/hZ9i/lekoUurc2W87dHdO46Kyt1PjCYS4LGVRsjeh04cCocajIVL2zM0w== Once dumped : Certificate: Data: Version: 1 (0x0) Serial Number: 3735928560 (0xdeadbef0) Signature Algorithm: md5WithRSAEncryption Issuer: C=US, ST=California, L=San Jose, O=Jenkins Project, CN=Kohsuke Kawaguchi/emailAddress=kk@kohsuke.org Validity Not Before: Apr 19 07:35:04 2011 GMT Not After : Apr 18 07:35:04 2012 GMT Subject: C=US, ST=California, O=Jenkins Project, OU=Default Update Center, CN=Kohsuke Kawaguchi => certificate expired this morning. this leads to the following exception when trying to refresh plugins list: 18 avr. 2012 15:28:23 hudson.model.UpdateSite doPostBack GRAVE: <div class=error><img src='/static/10b6d8c8/images/none.gif' height=16 width=1>Signature verification failed in the update center &#039;default&#039; <a href='#' class='showDetails'>(show details)</a><pre style='display:none'>java.security.cert.CertPathValidatorException: timestamp check failed at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source) at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source) (zip) => certificate should be renewed => as a workaround, we could be able to bypass signature validation
    via by Florent Revelut,
  • CA Configuration Automation Readme
    via by Unknown author,
  • "timestamp check failed" error
    via by iodsfjoipsdfi ijsdpfijd,
  • Java mail with SSL - PKIX path validation failed
    via Stack Overflow by akn
    ,
  • Hello, I have a problem to list plugins. When i click on "Check now" in advanced tab in plugin manager, i have this error. I have try those urls, same error: https://updates.jenkins-ci.org/current/update-center.json http://ftp.nluug.nl/programming/jenkins/updates/current/update-center.json Signature verification failed in update site 'default' (show details) java.security.cert.CertPathValidatorException: Algorithm constraints check failed: MD5withRSA at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135) at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:219) at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:140) at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79) at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292) at org.jvnet.hudson.crypto.CertificateUtil.validatePath(CertificateUtil.java:93) at jenkins.util.JSONSignatureValidator.verifySignature(JSONSignatureValidator.java:76) at hudson.model.UpdateSite.verifySignature(UpdateSite.java:219) at hudson.model.UpdateSite.updateData(UpdateSite.java:198) at hudson.model.UpdateSite.updateDirectlyNow(UpdateSite.java:170) at hudson.PluginManager.doCheckUpdatesServer(PluginManager.java:902) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:519) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:46) at org.kohsuke.stapler.Function$InterceptedFunction.invoke(Function.java:399) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$3.doDispatch(MetaClass.java:183) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:746)
    via by Henri Auvigny,
  • Introscope 8.2.2 does not work with Java 7
    via by Unknown author,
    • java.security.cert.CertPathValidatorException: timestamp check failed at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source) at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)

    Users with the same issue

    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,
    5 more bugmates