github bellsoft-jre17.0.5+8-linux-amd64.tar.gz x509: certificate signed by unknown authority #353

Closed
emrekaratas06 opened this issue Dec 23, 2022 · 4 comments
Labels
type:question A user question

@emrekaratas06

I am learning Docker,
java 17.0.5 2022-10-18 LTS
Java(TM) SE Runtime Environment (build 17.0.5+9-LTS-191)
Java HotSpot(TM) 64-Bit Server VM (build 17.0.5+9-LTS-191, mixed mode, sharing)

When I generate Docker images, it sends me this problem. What is the problem? I tried a lot of solutions from this page and another page. Add cert ...
Can you help me please?

Running creator
[INFO] [creator] ===> ANALYZING
[INFO] [creator] Previous image with name "docker.io/eazybytes/configserver:latest" not found
[INFO] [creator] ===> DETECTING
[INFO] [creator] 6 of 24 buildpacks participating
[INFO] [creator] paketo-buildpacks/ca-certificates 3.5.1
[INFO] [creator] paketo-buildpacks/bellsoft-liberica 9.10.1
[INFO] [creator] paketo-buildpacks/syft 1.23.0
[INFO] [creator] paketo-buildpacks/executable-jar 6.5.0
[INFO] [creator] paketo-buildpacks/dist-zip 5.4.0
[INFO] [creator] paketo-buildpacks/spring-boot 5.22.0
[INFO] [creator] ===> RESTORING
[INFO] [creator] ===> BUILDING
[INFO] [creator]
[INFO] [creator] Paketo Buildpack for CA Certificates 3.5.1
[INFO] [creator] https://github.com/paketo-buildpacks/ca-certificates
[INFO] [creator] Launch Helper: Contributing to layer
[INFO] [creator] Creating /layers/paketo-buildpacks_ca-certificates/helper/exec.d/ca-certificates-helper
[INFO] [creator]
[INFO] [creator] Paketo Buildpack for BellSoft Liberica 9.10.1
[INFO] [creator] https://github.com/paketo-buildpacks/bellsoft-liberica
[INFO] [creator] Build Configuration:
[INFO] [creator] $BP_JVM_JLINK_ARGS --no-man-pages --no-header-files --strip-debug --compress=1 configure custom link arguments (--output must be omitted)
[INFO] [creator] $BP_JVM_JLINK_ENABLED false enables running jlink tool to generate custom JRE
[INFO] [creator] $BP_JVM_TYPE JRE the JVM type - JDK or JRE
[INFO] [creator] $BP_JVM_VERSION 17.* the Java version
[INFO] [creator] Launch Configuration:
[INFO] [creator] $BPL_DEBUG_ENABLED false enables Java remote debugging support
[INFO] [creator] $BPL_DEBUG_PORT 8000 configure the remote debugging port
[INFO] [creator] $BPL_DEBUG_SUSPEND false configure whether to suspend execution until a debugger has attached
[INFO] [creator] $BPL_HEAP_DUMP_PATH write heap dumps on error to this path
[INFO] [creator] $BPL_JAVA_NMT_ENABLED true enables Java Native Memory Tracking (NMT)
[INFO] [creator] $BPL_JAVA_NMT_LEVEL summary configure level of NMT, summary or detail
[INFO] [creator] $BPL_JFR_ARGS configure custom Java Flight Recording (JFR) arguments
[INFO] [creator] $BPL_JFR_ENABLED false enables Java Flight Recording (JFR)
[INFO] [creator] $BPL_JMX_ENABLED false enables Java Management Extensions (JMX)
[INFO] [creator] $BPL_JMX_PORT 5000 configure the JMX port
[INFO] [creator] $BPL_JVM_HEAD_ROOM 0 the headroom in memory calculation
[INFO] [creator] $BPL_JVM_LOADED_CLASS_COUNT 35% of classes the number of loaded classes in memory calculation
[INFO] [creator] $BPL_JVM_THREAD_COUNT 250 the number of threads in memory calculation
[INFO] [creator] $JAVA_TOOL_OPTIONS the JVM launch flags
[INFO] [creator] Using Java version 17.* from BP_JVM_VERSION
[INFO] [creator] BellSoft Liberica JRE 17.0.5: Contributing to layer
[INFO] [creator] Downloading from https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] unable to invoke layer creator
[INFO] [creator] unable to get dependency jre
[INFO] [creator] unable to download https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] unable to request https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] Get "https://objects.githubusercontent.com/github-production-release-asset-2e65be/115621629/4522d780-0a4c-40ae-a3d1-d70a38bda0b9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221222%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221222T133020Z&X-Amz-Expires=300&X-Amz-Signature=43da7e88ed229441a0bf4e8eb6dcf912aa60ca1c44bed3d8832b26382c49e091&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=115621629&response-content-disposition=attachment%3B%20filename%3Dbellsoft-jre17.0.5%2B8-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream": x509: certificate signed by unknown authority
[INFO] [creator] ERROR: failed to build: exit status 1
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 26.736 s
[INFO] Finished at: 2022-12-22T16:30:09+03:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:2.7.4:build-image (default-cli) on project configserver: Execution default-cli of goal org.springframework.boot:spring-boot-maven-plugin:2.7.4:build-image failed: Builder lifecycle 'creator' failed with status code 51 -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException

@dmikusa dmikusa added the type:question A user question label Dec 23, 2022
@dmikusa
Contributor

dmikusa commented Dec 23, 2022

You have a network problem.

[INFO] [creator] unable to download https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] unable to request https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] Get "https://objects.githubusercontent.com/github-production-release-asset-2e65be/115621629/4522d780-0a4c-40ae-a3d1-d70a38bda0b9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221222%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221222T133020Z&X-Amz-Expires=300&X-Amz-Signature=43da7e88ed229441a0bf4e8eb6dcf912aa60ca1c44bed3d8832b26382c49e091&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=115621629&response-content-disposition=attachment%3B%20filename%3Dbellsoft-jre17.0.5%2B8-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream": x509: certificate signed by unknown authority

The buildpack is trying to download the binaries it needs, but there is likely a device on your network that is intercepting traffic and rewriting the TLS certificates. That is usually why one would see these certificate errors, especially on a corporate network, but it could also mean someone is unexpectedly trying to intercept your TLS traffic.

At any rate, you either need to obtain the TLS certificate from the network device that is rewriting your TLS traffic and make it be trusted by the buildpacks (all of the certificates it generates will be signed by its certificate, so if you trust its certificate then the connection can be trusted again), or you can download the binaries in advance and provide them to the buildpack through a different means; dependency mappings are the way to do that.

In either case you need to add bindings. Bindings can be a little tricky to get right, which is why I created a tool to manage them, binding-tool.

  • To create bindings for a CA cert, run bt ca-certs -c <ca-cert-file>
  • To download dependencies and create bindings for them, bt dm -b <buildpack>, i.e. bt dm -b paketo-buildpacks/bellsoft-liberica.

This will create a bindings/ directory in the current working directory; just volume map that into your build with --volume $PWD/bindings:/platform/bindings, or follow the instructions in the README.

Hope that helps!

@emrekaratas06
Author

Dear dmikusa, firstly thanks for the help.
I am new to learning Docker and cloud tech, and I don't know how to make it be trusted by the buildpacks. Can you help me please? I read what you wrote, but I don't understand :(

@dmikusa
Contributor

dmikusa commented Dec 26, 2022

I'm not sure how much I can add. Something is intercepting your TLS traffic. TLS protects you from this, which is why you are seeing an error instead of the connection being established; it prevents you from connecting to the wrong party. That could mean someone is maliciously trying to intercept your traffic or, more likely, it means your employer/corporate network is intercepting TLS traffic so that they can view your traffic. If you need more help there, I would suggest talking to your IT/network team. In either case, they should be able to point you in the right direction.

What is commonly the outcome of the situation you're in is that you'll get a TLS CA certificate that you need to trust. Once you get that file, follow the instructions I linked. This will allow the buildpacks to trust that certificate, likely generated by your IT team, and in turn trust the connections it makes to download the resources to be installed.

HTH

@emrekaratas06
Author

is that you get a TLS CA certificate that you need to trust. Once you get that file, follow the instructions I linked

Thanks dmikusa. I'll try it.
