[SOLVED] [Java 11 test]: amazonechocontrol 2.5.7-snapshop throws exceptions due to missing cacerts file

Today I’ve upgraded openHAB to 2.5.6-2 and while working on it i thought I give the preview of the new amazonechocontrol binding a try.
Unfortunately with Zulu 11 (32bit), the binding causes the following exceptions:

2020-07-17 20:24:13.926 [WARN ] [mazonechocontrol.internal.Connection] - Request to url 'https://alexa.amazon.de/api/bootstrap' fails with unknown error
javax.net.ssl.SSLException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at sun.security.ssl.Alert.createSSLException(Alert.java:133) ~[?:?]
	at sun.security.ssl.TransportContext.fatal(TransportContext.java:326) ~[?:?]
	at sun.security.ssl.TransportContext.fatal(TransportContext.java:269) ~[?:?]
	at sun.security.ssl.TransportContext.fatal(TransportContext.java:264) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1310) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:403) ~[?:?]
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567) ~[?:?]
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:?]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1587) ~[?:?]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1515) ~[?:?]
	at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:527) ~[?:?]
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:334) ~[?:?]
	at org.openhab.binding.amazonechocontrol.internal.Connection.makeRequest(Connection.java:614) [bundleFile:?]
	at org.openhab.binding.amazonechocontrol.internal.Connection.tryGetBootstrap(Connection.java:465) [bundleFile:?]
	at org.openhab.binding.amazonechocontrol.internal.Connection.verifyLogin(Connection.java:882) [bundleFile:?]
	at org.openhab.binding.amazonechocontrol.internal.Connection.tryRestoreLogin(Connection.java:357) [bundleFile:?]
	at org.openhab.binding.amazonechocontrol.internal.handler.AccountHandler.checkLogin(AccountHandler.java:385) [bundleFile:?]
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) [?:?]
	at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305) [?:?]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) [?:?]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
	at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:102) ~[?:?]
	at sun.security.validator.Validator.getInstance(Validator.java:181) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:300) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:176) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:189) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:?]
	at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:629) ~[?:?]
	at sun.security.ssl.CertificateStatus$CertificateStatusConsumer.consume(CertificateStatus.java:295) ~[?:?]
	at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?]
	at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[?:?]
	at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422) ~[?:?]
	at sun.security.ssl.TransportContext.dispatch(TransportContext.java:183) ~[?:?]
	at sun.security.ssl.SSLTransport.decode(SSLTransport.java:168) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1148) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1057) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:395) ~[?:?]
	... 17 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[?:?]
	at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120) ~[?:?]
	at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104) ~[?:?]
	at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:99) ~[?:?]
	at sun.security.validator.Validator.getInstance(Validator.java:181) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:300) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:176) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:189) ~[?:?]
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:?]
	at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:629) ~[?:?]
	at sun.security.ssl.CertificateStatus$CertificateStatusConsumer.consume(CertificateStatus.java:295) ~[?:?]
	at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?]
	at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[?:?]
	at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422) ~[?:?]
	at sun.security.ssl.TransportContext.dispatch(TransportContext.java:183) ~[?:?]
	at sun.security.ssl.SSLTransport.decode(SSLTransport.java:168) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1148) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1057) ~[?:?]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:395) ~[?:?]
	... 17 more

When switching back to Zulu 8 (32bit), the binding just starts fine.

FTR: i’ve also reported this in the amazonechocontrol thread:Preview and Beta: Amazon Echo Control

If you want it fixed, open an issue oh GitHub like any other snapshot issue.

I was just following the Java Test drive announcement, therefore this post here.
Issue is created: https://github.com/openhab/openhab-addons/issues/8150

1 Like

Ok, it seems to be caused by this:
Switching from Java8 to Java11 with openhabian-config removes the cacerts file. If I’m copying the Java-8-cacerts to the Java11 folder after changing to Java11, everything is working.
The question is, why is openhabian-config removing the cacerts file. It seems that is was programmed to do that so there must be a reason for it.

1 Like

Hopefully fixed now. You need to switch to master branch for your code to become updated.

2 Likes

Thanks! Changin from JAVA 8 to 11 is working now without issues
image

:+1:

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.