Recent changes to 350: SSL/TLS error prevented download of tilehttps://sourceforge.net/p/mobac/bugs/350/Recent changes to 350: SSL/TLS error prevented download of tileenWed, 10 Feb 2021 14:07:39 -0000#350 SSL/TLS error prevented download of tilehttps://sourceforge.net/p/mobac/bugs/350/?limit=25#154c/d4f0<div class="markdown_content"><p>The grade of the server is not relevant. Look at the detail result especially on the cert chain. </p> <p>You are on Linux and you use SunJRE!? </p> <p>OpenJDK is IMHO at the moment the most preferred Java version to use. SunJRE is dead because of license restrictions and Java 8 is getting a bit old. </p></div>r_xWed, 10 Feb 2021 14:07:39 -0000https://sourceforge.net232cfa5250dbb11e2a17175bdb3ec7519a0f47a4#350 SSL/TLS error prevented download of tilehttps://sourceforge.net/p/mobac/bugs/350/?limit=25#154c<div class="markdown_content"><p>An interesting point is that using OpenJDK is avoiding the problem:</p> <div class="codehilite"><pre><span></span><span class="n">openjdk</span> <span class="k">version</span> <span class="ss">"11.0.10"</span> <span class="mi">2021</span><span class="o">-</span><span class="mi">01</span><span class="o">-</span><span class="mi">19</span> <span class="n">OpenJDK</span> <span class="n">Runtime</span> <span class="n">Environment</span> <span class="p">(</span><span class="n">build</span> <span class="mi">11</span><span class="p">.</span><span class="mi">0</span><span class="p">.</span><span class="mi">10</span><span class="o">+</span><span class="mi">9</span><span class="o">-</span><span class="n">Ubuntu</span><span class="o">-</span><span class="mi">0</span><span class="n">ubuntu1</span><span class="p">.</span><span class="mi">20</span><span class="p">.</span><span class="mi">04</span><span class="p">)</span> <span class="n">OpenJDK</span> <span class="mi">64</span><span class="o">-</span><span class="nb">Bit</span> <span class="n">Server</span> <span class="n">VM</span> <span class="p">(</span><span class="n">build</span> <span class="mi">11</span><span class="p">.</span><span class="mi">0</span><span class="p">.</span><span class="mi">10</span><span class="o">+</span><span class="mi">9</span><span class="o">-</span><span class="n">Ubuntu</span><span class="o">-</span><span class="mi">0</span><span class="n">ubuntu1</span><span class="p">.</span><span class="mi">20</span><span class="p">.</span><span class="mi">04</span><span class="p">,</span> <span class="n">mixed</span> <span class="k">mode</span><span class="p">,</span> <span class="n">sharing</span><span class="p">)</span> </pre></div> </div>rtfmWed, 10 Feb 2021 14:00:40 -0000https://sourceforge.net127b3c8ab785c24017c7faabd4750e0190040138#350 SSL/TLS error prevented download of tilehttps://sourceforge.net/p/mobac/bugs/350/?limit=25#c009<div class="markdown_content"><p>Checking the server with the URL you provided returns A grade for all 4 IP's.<br/> So it is not the certificate chain itself.</p></div>rtfmWed, 10 Feb 2021 13:56:31 -0000https://sourceforge.net7b3e466dc23cf7c89871f063f003c7cc85ff6847#350 SSL/TLS error prevented download of tilehttps://sourceforge.net/p/mobac/bugs/350/?limit=25#ff01<div class="markdown_content"><p>Some servers are configured wrong and even if the root CA certificate is trusted they forget to send the intermediate certificates. Firefox is so kind to provide an own large intermediate CA store to fix such problems. Java does not provide such a service to correct defect HTTPS servers. </p> <p>Most likely this is the problem.<br/> You can test the server regarding SSL/TLS problems: <a href="https://www.ssllabs.com/ssltest/" rel="nofollow">https://www.ssllabs.com/ssltest/</a></p></div>r_xWed, 10 Feb 2021 13:18:01 -0000https://sourceforge.netcce2260eb249f6a039258e1c4dce642e1963142fSSL/TLS error prevented download of tilehttps://sourceforge.net/p/mobac/bugs/350/<div class="markdown_content"><p>I get the following error by accessing the WMS server:</p> <div class="codehilite"><pre><span></span><span class="nv">ERROR</span> <span class="o">-</span> <span class="nv">SSL</span> <span class="nv">error</span>: <span class="nv">PKIX</span> <span class="nv">path</span> <span class="nv">building</span> <span class="nv">failed</span>: <span class="nv">sun</span>.<span class="nv">security</span>.<span class="nv">provider</span>.<span class="nv">certpath</span>.<span class="nv">SunCertPathBuilderException</span>: <span class="nv">unable</span> <span class="nv">to</span> <span class="nv">find</span> <span class="nv">valid</span> <span class="nv">certification</span> <span class="nv">path</span> <span class="nv">to</span> <span class="nv">requested</span> <span class="nv">target</span> <span class="nv">WARN</span> <span class="o">-</span> <span class="nv">SSL</span><span class="o">/</span><span class="nv">TLS</span> <span class="nv">error</span> <span class="nv">prevented</span> <span class="nv">download</span> <span class="nv">of</span> <span class="nv">tile</span> <span class="mi">10</span><span class="o">/</span><span class="mi">535</span><span class="o">/</span><span class="mi">362</span>@<span class="o">&lt;</span><span class="nv">snip</span><span class="o">/&gt;</span>: <span class="o">&lt;</span><span class="nv">snip</span><span class="o">/&gt;</span>: <span class="nv">java</span>.<span class="nv">security</span>.<span class="nv">cert</span>.<span class="nv">CertificateException</span>: <span class="nv">Untrusted</span> <span class="nv">certificate</span> <span class="nv">encountered</span>: <span class="nv">publicKeyHash</span><span class="o">=</span><span class="s2">"</span><span class="s">&lt;snip/&gt;</span><span class="s2">"</span><span class="c1">; certificate issued for &lt;snip/&gt;</span> </pre></div> <p>I suspect a java keystore problem, but cannot find which keystore is involved.<br/> The certificate chain is valid: I can fetch tiles with Firefox and check that the certificates are trusted.</p> <p>java version "1.8.0_281"<br/> Java(TM) SE Runtime Environment (build 1.8.0_281-b09)<br/> Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode)</p> <p>Running Linux Mint 20.1</p></div>rtfmWed, 10 Feb 2021 13:14:18 -0000https://sourceforge.netb7f0a026efda268dc84d3b939df1efd7dae4588d