In CentOS 8, TLSv1.0 is disabled by the system-wide cryptographic policy. The OpenDJ SDK does not seem to work well because it specifies TLSv1.0 as the protocol for the SSL context.
Steps to reproduce
$ mvn test -f opendj-grizzly
Enviroment
CentOS 8 1911
java-11-openjdk-11.0.5.10-2.el8_1.x86_64
Build Log
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running TestSuite
Configuring TestNG with: TestNG652Configurator
Test environment:
Java version: 11.0.5
Java vendor: Oracle Corporation
JVM name: OpenJDK 64-Bit Server VM
JVM version: 11.0.5+10-LTS
JVM vendor: Oracle Corporation
JVM info: mixed mode, sharing
Java home: /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64
OS: Linux 3.10.0-1062.9.1.el7.x86_64 amd64
Processors: 8
Max memory: 8384413696
Total memory: 528482304
How to read the progressive status info:
Test duration status: {Total min:sec. Since last status sec.}
Test count status: {# test classes # test methods # test method invocations # test failures}.
TestClass (the class that just completed)
{ 0:00 ( 1s)} { 0c 0m 0i 0f} : starting
{ 0:02 ( 1s)} { 1c 8m 8i 0f} : GrizzlyLDAPConnectionFactoryTestCase
{ 0:02 ( 0s)} { 2c 16m 16i 0f} : GrizzlyLDAPListenerTestCase
{ 0:02 ( 0s)} { 3c 61m 686i 0f} : ASN1BufferReaderTestCase
{ 0:02 ( 0s)} { 4c 78m 928i 0f} : ASN1BufferWriterTestCase
{ 0:02 ( 0s)} { 5c 80m 930i 0f} : GrizzlyLDAPConnectionTestCase
{ 0:02 ( 0s)} { 6c 81m 953i 0f} : GrizzlyLDAPReaderWriterTestCase
{ 0:02 ( 0s)} { 7c 86m 958i 0f} : GrizzlyUtilsTestCase
T E S T F A I L U R E ! ! !
Failed Test: org.forgerock.opendj.grizzly.ConnectionFactoryTestCase#testBlockingPromiseNoHandler
Failure Cause: java.util.concurrent.ExecutionException: org.forgerock.opendj.ldap.ConnectionException: Server Connection Closed: Heartbeat failed
org.forgerock.util.promise.PromiseImpl.get0(PromiseImpl.java:577)
org.forgerock.util.promise.PromiseImpl.get(PromiseImpl.java:132)
org.forgerock.opendj.grizzly.ConnectionFactoryTestCase.testBlockingPromiseNoHandler(ConnectionFactoryTestCase.java:264)
parameter[0]: LDAPConnectionFactory(provider=`Grizzly, host='localhost', port=42108, options=org.forgerock.util.Options@54d901aa)
-------------------------------------------------------------------------------
...(Omitted)...
Caused by: org.forgerock.opendj.ldap.LdapException: Local Error: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:188)
at org.forgerock.opendj.ldap.spi.ResultLdapPromiseImpl.setResultOrError(ResultLdapPromiseImpl.java:142)
at org.forgerock.opendj.ldap.spi.ResultLdapPromiseImpl.adaptErrorResult(ResultLdapPromiseImpl.java:120)
at org.forgerock.opendj.grizzly.LDAPClientFilter$ClientResponseHandler.handleExtendedResult0(LDAPClientFilter.java:399)
at org.forgerock.opendj.grizzly.LDAPClientFilter$ClientResponseHandler.extendedResult(LDAPClientFilter.java:257)
at org.forgerock.opendj.io.LDAPReader.readExtendedResult(LDAPReader.java:387)
at org.forgerock.opendj.io.LDAPReader.readProtocolOp(LDAPReader.java:595)
at org.forgerock.opendj.io.LDAPReader.readMessage(LDAPReader.java:132)
at org.forgerock.opendj.grizzly.LDAPBaseFilter.handleRead(LDAPBaseFilter.java:82)
...(Omitted)...
Results :
Failed tests:
org.forgerock.opendj.grizzly.ConnectionFactoryTestCase.testBlockingPromiseNoHandler(org.forgerock.opendj.grizzly.ConnectionFactoryTestCase)
Run 1: PASS
Run 2: PASS
Run 3: PASS
Run 4: PASS
Run 5: PASS
Run 6: ConnectionFactoryTestCase.testBlockingPromiseNoHandler:264 ? Execution org.for...
Run 7: ConnectionFactoryTestCase.testBlockingPromiseNoHandler:264 ? Execution org.for...
Run 8: PASS
Run 9: PASS
Run 10: PASS
Run 11: PASS
Run 12: PASS
Run 13: PASS
Run 14: PASS
Run 15: PASS
Run 16: PASS
Run 17: PASS
Run 18: PASS
Run 19: PASS
Run 20: PASS
Run 21: PASS
...(Omitted)...
Tests run: 974, Failures: 3, Errors: 0, Skipped: 0
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 7.298 s
[INFO] Finished at: 2020-01-29T08:16:16Z
[INFO] ------------------------------------------------------------------------
Description
When running the OpenDJ SDK build on CentOS 8, the following unit tests fail.
In CentOS 8, TLSv1.0 is disabled by the system-wide cryptographic policy. The OpenDJ SDK does not seem to work well because it specifies TLSv1.0 as the protocol for the SSL context.
Steps to reproduce
Enviroment
Build Log