You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/09/05 03:20:00 UTC

[jira] [Commented] (LOG4J2-3578) TlsSyslogAppenderTest fails because of expired certificate

    [ https://issues.apache.org/jira/browse/LOG4J2-3578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17600140#comment-17600140 ] 

ASF subversion and git services commented on LOG4J2-3578:
---------------------------------------------------------

Commit 1e25c58dd2a999f90583629fb4ef161abe4bfaa7 in logging-log4j2's branch refs/heads/dependabot/maven/co.elastic.logging-log4j2-ecs-layout-1.5.0 from Ralph Goers
[ https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=1e25c58dd2 ]

LOG4J2-3578 - Generate new SSL certs for unit testing


>  TlsSyslogAppenderTest fails because of expired certificate
> -----------------------------------------------------------
>
>                 Key: LOG4J2-3578
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3578
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: Tests
>    Affects Versions: 2.18.0
>            Reporter: Wolff Bock von Wuelfingen
>            Assignee: Ralph Goers
>            Priority: Major
>             Fix For: 2.19.0
>
>
> Running the Test by itself reveals the following cause for {{sendLargeLegacyBsdMessageOverTls(), sendLegacyBsdMessagesOverTls(), }}{{sendStructuredMessageOverTls(), }}{{sendStructuredMessagesOverTls()}}  failing:
> {code:java}
> Caused by: java.security.cert.CertPathValidatorException: validity check failed
>     at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
>     at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:220)
>     at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:140)
>     at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79)
>     at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)
>     at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:381)
>     ... 75 more
> Caused by: java.security.cert.CertificateExpiredException: NotAfter: Fri Aug 05 17:00:53 CEST 2022
>     at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:277)
>     at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:677)
>     at sun.security.provider.certpath.BasicChecker.verifyValidity(BasicChecker.java:190)
>     at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)
>     at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
>     ... 80 more {code}
> Looking at the certificate confirms this:
>  
> {code:java}
>   Validity: [From: Wed Aug 07 17:00:53 CEST 2013,
>                To: Fri Aug 05 17:00:53 CEST 2022] {code}
> By overriding the checked Date inside at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:677) with the debugger i can make all tests pass under Windows.
> I think the certificate at fault is one of those in resources/org/apache/logging/log4j/core/net/ssl
> I'm unfortunately not versed enough to make a new certificate with a new expiration date.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)