customJdk produces an output with a javax.net.ssl.SSLHandshakeException

[slimslenderslacks]

Can do some more research on but was first wondering if anyone has seen this problem, or tried to use customJdk for a program that connects with SSL.

The output mkCljBin works. I then build a customJdk.

            custom-jdk = pkgs.clj-nix.customJdk {
              cljDrv = clj;
              jdkBase = pkgs.jdk17_headless;
              locales = "en";
              javaOpts = [];
            };

The output of this has a new problem. Could be cacerts not configured correctly. I don't think it's a module problem because that stuff is java.base.

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Has anyone run into this? Might need to just work on this nix package and try configuring cacerts differently. Missing environment variables in something that gets output?

Happy to look deeper into this if so.

[slimslenderslacks]

I thought this might be that JAVA_HOME was necessary in the binaryTemplate for customJdk but the actual problem was that I needed to explicitly provide jdk.crypto.ec for this site to work. I'll make a FAQ entry.

              extraJdkModules = ["java.security.jgss" "java.security.sasl" "jdk.crypto.ec"];

[slimslenderslacks]

opened pr #150 to document how this can be fixed

[jlesquembre]

Thanks, @slimslenderslacks. I've already merged #150. Perhaps we could consider automatically adding those modules if we detect java.net.http in the list of modules.