stackoom
  简体   繁体   中英

javax.net.ssl.SSLHandshakeException when trying to clone GIT on MAC

 原文  2019-03-14 11:34:32       java/ git/ macos/ ssl/ visual-studio-code

Question

When trying to clone a VSTS project repo to my Mac (via VS Code Terminal) I get the following certificate error

git clone https://abc-masked.visualstudio.com/Test/_git/Test.UI 

Cloning into 'Test.UI'...
Configuration::loadGitConfiguration
Program::loadOperationArguments
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Program::EnableTraceLogging
Program::get
   targetUri = https://abc-masked.visualstudio.com/
Program::ComponentFactory::createSecureStore
Getting a persistent token store that must be secure
Getting a persistent credential store that must be secure
Program::createAuthentication
   detecting authority type
BaseVsoAuthentication::getAuthentication
BaseVsoAuthentication::detectAuthority
   detected visualstudio.com, checking AAD vs MSA
Fatal error encountered.  Details:
java.lang.Error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.microsoft.alm.authentication.BaseVsoAuthentication.detectAuthority(BaseVsoAuthentication.java:293)
    at com.microsoft.alm.authentication.BaseVsoAuthentication.getAuthentication(BaseVsoAuthentication.java:324)
    at com.microsoft.alm.gitcredentialmanager.Program.createAuthentication(Program.java:915)
    at com.microsoft.alm.gitcredentialmanager.Program$ComponentFactory.createAuthentication(Program.java:1174)
    at com.microsoft.alm.gitcredentialmanager.Program.initialize(Program.java:883)
    at com.microsoft.alm.gitcredentialmanager.Program.get(Program.java:292)
    at com.microsoft.alm.gitcredentialmanager.Program.access$200(Program.java:63)
    at com.microsoft.alm.gitcredentialmanager.Program$3.call(Program.java:284)
    at com.microsoft.alm.gitcredentialmanager.Program$3.call(Program.java:281)
    at com.microsoft.alm.gitcredentialmanager.Program.innerMain(Program.java:195)
    at com.microsoft.alm.gitcredentialmanager.Program.main(Program.java:123)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:259)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1329)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1204)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1151)
    at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
    at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:178)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
    at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
    at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
    at com.microsoft.alm.helpers.HttpClient.head(HttpClient.java:97)
    at com.microsoft.alm.authentication.BaseVsoAuthentication.detectAuthority(BaseVsoAuthentication.java:277)
    ... 10 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
    at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:290)
    at java.base/sun.security.validator.Validator.validate(Validator.java:264)
    at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:321)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:221)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1313)
    ... 25 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
    at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
    at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
    at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
    ... 31 more
fatal: credential helper '!java -Ddebug=true -Djava.net.useSystemProxies=true -jar /usr/local/Cellar/git-credential-manager/2.0.4/libexec/git-credential-manager-2.0.4.jar' told us to quit

I have tried the following:

  1. Updated the Java version

  2. I downloaded the certificate from my VSTS domain (abc-masked.visualstudio.com) and added it to the Java keystore but that did not help.

    Also, I have git-credential-manager installed.

I am new to git, Can you please point me in the right direction?

Edit: This URL https://abc-masked.visualstudio.com/ when I open in the browser immediately redirects to https://dev.azure.com/abc-masked .So I added both *.dev.azure.com and *.visualstudio.com certs to both Mac keychain and Java Keystore

1 answers

solution1
 0  2019-03-24 19:00:25

Virtually, you have to trust the certificate. Get trusted certificate to clone a repo. You can refer my github url, I am doing exactly the same to clone a repo.

https://github.com/debjava/ddlab-gitpusher-idea/blob/master/ddlab.gitpusher.core/src/main/java/com/ddlab/gitpusher/util/HTTPUtil.java

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question javax.net.ssl.SSLHandshakeException when trying to compile application javax.net.ssl.SSLHandshakeException javax.net.ssl.SSLHandshakeException? javax.net.ssl.SSLHandshakeException when trying to send email with JavaMail SMTP Apache httpclient javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLHandshakeException on Travis CI Validation failed: javax.net.ssl.SSLHandshakeException: and Java : javax.net.ssl.SSLHandshakeException javax.net.ssl.SSLHandshakeException HttpsURLConnection Troubleshooting javax.net.ssl.SSLHandshakeException
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM