You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Wolff Bock von Wuelfingen (Jira)" <ji...@apache.org> on 2022/08/18 21:54:00 UTC

[jira] [Created] (LOG4J2-3578) TlsSyslogAppenderTest fails because of expired certificate

Wolff Bock von Wuelfingen created LOG4J2-3578:
-------------------------------------------------

             Summary:  TlsSyslogAppenderTest fails because of expired certificate
                 Key: LOG4J2-3578
                 URL: https://issues.apache.org/jira/browse/LOG4J2-3578
             Project: Log4j 2
          Issue Type: Bug
          Components: Tests
    Affects Versions: 2.18.0
            Reporter: Wolff Bock von Wuelfingen


Running the Test by itself reveals the following cause for {{sendLargeLegacyBsdMessageOverTls(), }}{{sendLegacyBsdMessagesOverTls(), }}{{sendStructuredMessageOverTls(), }}{{sendStructuredMessagesOverTls()}}  failing:
{code:java}
Caused by: java.security.cert.CertPathValidatorException: validity check failed
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:220)
    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:140)
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79)
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:381)
    ... 75 more
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Fri Aug 05 17:00:53 CEST 2022
    at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:277)
    at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:677)
    at sun.security.provider.certpath.BasicChecker.verifyValidity(BasicChecker.java:190)
    at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
    ... 80 more {code}
Looking at the certificate confirms this:

 
{code:java}
  Validity: [From: Wed Aug 07 17:00:53 CEST 2013,
               To: Fri Aug 05 17:00:53 CEST 2022] {code}
By overriding the checked Date inside at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:677) with the debugger i can make all tests pass under Windows.

I'm unfortunately not versed enough to make a new certificate with a new expiration date.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)