ghost
commented
6 years ago Update; @iboware I was able to workaround by downgrading to openjdk-8-jdk.
I am also seeing this with a fresh Ubuntu 18.04. Here's the debug logs.
Maybe it's this?
john@jerick-z440-ubuntu:~$ git clone https://mseng.visualstudio.com/VSOnline/_git/ArtifactTool
Cloning into 'ArtifactTool'...
Configuration::loadGitConfiguration
Configuration::ParseGitConfig
credential.canFallBackToInsecureStore = false
credential.helper = !/usr/lib/jvm/java-11-openjdk-amd64/bin/java -Ddebug=true -Djava.net.useSystemProxies=true -jar /home/john/Downloads/git-credential-manager-2.0.3.jar
Program::loadOperationArguments
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
Configuration::tryGetEntry
canFallBackToInsecureStore = false
Program::EnableTraceLogging
Program::get
targetUri = https://mseng.visualstudio.com/
Program::ComponentFactory::createSecureStore
gnome-keyring library loaded, creating a password SCHEMA
Try access gnome-keyring with dummy data to make sure it's accessible...
Getting a persistent token store that must be secure
Getting a persistent credential store that must be secure
Program::createAuthentication
detecting authority type
BaseVsoAuthentication::getAuthentication
BaseVsoAuthentication::detectAuthority
detected visualstudio.com, checking AAD vs MSA
Fatal error encountered. Details:
java.lang.Error: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.microsoft.alm.authentication.BaseVsoAuthentication.detectAuthority(BaseVsoAuthentication.java:293)
at com.microsoft.alm.authentication.BaseVsoAuthentication.getAuthentication(BaseVsoAuthentication.java:324)
at com.microsoft.alm.gitcredentialmanager.Program.createAuthentication(Program.java:915)
at com.microsoft.alm.gitcredentialmanager.Program$ComponentFactory.createAuthentication(Program.java:1174)
at com.microsoft.alm.gitcredentialmanager.Program.initialize(Program.java:883)
at com.microsoft.alm.gitcredentialmanager.Program.get(Program.java:292)
at com.microsoft.alm.gitcredentialmanager.Program.access$200(Program.java:63)
at com.microsoft.alm.gitcredentialmanager.Program$3.call(Program.java:284)
at com.microsoft.alm.gitcredentialmanager.Program$3.call(Program.java:281)
at com.microsoft.alm.gitcredentialmanager.Program.innerMain(Program.java:195)
at com.microsoft.alm.gitcredentialmanager.Program.main(Program.java:123)
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.base/sun.security.ssl.Alerts.getSSLException(Alerts.java:214)
at java.base/sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1974)
at java.base/sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1926)
at java.base/sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1909)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1436)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
at com.microsoft.alm.helpers.HttpClient.head(HttpClient.java:97)
at com.microsoft.alm.authentication.BaseVsoAuthentication.detectAuthority(BaseVsoAuthentication.java:277)
... 10 more
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.base/sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:89)
at java.base/sun.security.validator.Validator.getInstance(Validator.java:181)
at java.base/sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:330)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:180)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:192)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:133)
at java.base/sun.security.ssl.ClientHandshaker.checkServerCerts(ClientHandshaker.java:1947)
at java.base/sun.security.ssl.ClientHandshaker.certificateStatus(ClientHandshaker.java:1798)
at java.base/sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:276)
at java.base/sun.security.ssl.Handshaker.processLoop(Handshaker.java:1098)
at java.base/sun.security.ssl.Handshaker.processRecord(Handshaker.java:1026)
at java.base/sun.security.ssl.SSLSocketImpl.processInputRecord(SSLSocketImpl.java:1137)
at java.base/sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1074)
at java.base/sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
at java.base/sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1402)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1429)
... 16 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.base/java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
at java.base/java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
at java.base/java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
at java.base/sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:86)
... 31 more
fatal: credential helper '!/usr/lib/jvm/java-11-openjdk-amd64/bin/java -Ddebug=true -Djava.net.useSystemProxies=true -jar /home/john/Downloads/git-credential-manager-2.0.3.jar' told us to quit
I have tried openjdk-11, openjdk-8 and oraclejdk-8 using git version 2.17.0 on Ubuntu 18.04. It was working well. I tried it today with a freshly installed Ubuntu and started to get this error.