Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
fanart sometimes doesn't download: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed #373
What TMM version are you using?
release, pre-release, nightly, or directly from GitHub/branch?
What is the actual behaviour?
What is the expected behaviour?
Steps to reproduce:
Your Operating system? (win/mac/linux? version?)
openjdk version "1.8.0_181"
openjdk-8-jdk-headless/stable,now 8u181-b13-1~deb9u1 armhf [installed]
openjdk-8-jre-headless/stable,now 8u181-b13-1~deb9u1 armhf [installed]
This seems like a misconfiguration from fanart webservers.
Create a script with the following:
#!/usr/bin/env bash while true; do servername="https://assets.fanart.tv/" curl -I --verbose "$servername" if [[ $? != 0 ]]; then break fi done
Sometimes the url will return "INVALID CERTIFICATE", thus giving the exception of this issue. Maybe this is the same cause as #369.
I will keep my suggestion: a retry option when having problems to download these resources would be really useful. The default can be 0 and this can be a parameter in tinyMediaManager settings. I prefer retrying 10 times, even if it's wasteful, than waste my time reviewing all scrapings.
@mlaggner since v3 is not yet a stable release and I still need to use v2, do you know if there's a java parameter that can be used to avoid checking https certificates? I don't mind the security hole of doing this because I'm using an old machine and it's mainly downloading metadata.
IIRC there is no JVM parameter - we could implement a SSL handler which ignores untrusted certificates.. but that has to be implemented..