VirtualBox - Ubuntu - Maven - Error the trustAnchors parameter must be non-empty

Question

For a project with Aerospike i need to use maven. I'm trying to install this batch https://www.aerospike.com/docs/tools/asloader/index.html

I am working on Windows 7. So i use virtualBox (5.2.8) to create a Linux Machine with last version of Ubuntu 18.04 LTS. I installed many packages

Java

yvon@yvon-VirtualBox:~/aerospike-loader$ java --version
openjdk 10.0.1 2018-04-17
OpenJDK Runtime Environment (build 10.0.1+10-Ubuntu-3ubuntu1)
OpenJDK 64-Bit Server VM (build 10.0.1+10-Ubuntu-3ubuntu1, mixed mode)

Maven

yvon@yvon-VirtualBox:~/aerospike-loader$ mvn --version
Apache Maven 3.5.2
Maven home: /usr/share/maven
Java version: 10.0.1, vendor: Oracle Corporation
Java home: /usr/lib/jvm/java-11-openjdk-amd64
Default locale: fr_FR, platform encoding: UTF-8
OS name: "linux", version: "4.15.0-20-generic", arch: "amd64", family:"unix"

When i use this simple command

mvn clean -X 

i obtain this error

yvon@yvon-VirtualBox:~/aerospike-loader$ mvn clean -X
Apache Maven 3.5.2
Maven home: /usr/share/maven
Java version: 10.0.1, vendor: Oracle Corporation
Java home: /usr/lib/jvm/java-11-openjdk-amd64
Default locale: fr_FR, platform encoding: UTF-8
OS name: "linux", version: "4.15.0-20-generic", arch: "amd64", family: "unix"
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.google.inject.internal.cglib.core.$ReflectUtils$1 (file:/usr/share/maven/lib/guice.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of com.google.inject.internal.cglib.core.$ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
[DEBUG] Created new class realm maven.api
...[DEBUG] Populating class realm maven.api
[INFO] Error stacktraces are turned on.
[DEBUG] Message scheme: color
[DEBUG] Message styles: debug info warning error success failure strong mojo project
[DEBUG] Reading global settings from /usr/share/maven/conf/settings.xml
[DEBUG] Reading user settings from /home/yvon/.m2/settings.xml
[DEBUG] Reading global toolchains from /usr/share/maven/conf/toolchains.xml
[DEBUG] Reading user toolchains from /home/yvon/.m2/toolchains.xml
[DEBUG] Using local repository at /home/yvon/.m2/repository
[DEBUG] Using manager EnhancedLocalRepositoryManager with priority 10.0 for /home/yvon/.m2/repository
[INFO] Scanning for projects...
[DEBUG] Extension realms for project com.aerospike:aerospike-load:jar:2.2: (none)
[DEBUG] Looking up lifecycle mappings for packaging jar from ClassRealm[plexus.core, parent: null]
[DEBUG] === REACTOR BUILD PLAN ================================================
[DEBUG] Project: com.aerospike:aerospike-load:jar:2.2
[DEBUG] Tasks:   [clean]
[DEBUG] Style:   Regular
[DEBUG] =======================================================================
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Aerospike DSV Loader 2.2
[INFO] ------------------------------------------------------------------------
[DEBUG] Lifecycle default -> [validate, initialize, generate-sources, process-sources, generate-resources, process-resources, compile, process-classes, generate-test-sources, process-test-sources, generate-test-resources, process-test-resources, test-compile, process-test-classes, test, prepare-package, package, pre-integration-test, integration-test, post-integration-test, verify, install, deploy]
[DEBUG] Lifecycle clean -> [pre-clean, clean, post-clean]
[DEBUG] Lifecycle site -> [pre-site, site, post-site, site-deploy]
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://nexus.opendaylight.org/content/repositories/public/
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://nexus.opendaylight.org/content/repositories/public/
Downloading from opendaylight-mirror: https://nexus.opendaylight.org/content/repositories/public/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom
[DEBUG] Writing tracking file /home/yvon/.m2/repository/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom.lastUpdated
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://repo.maven.apache.org/maven2
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://repo.maven.apache.org/maven2
Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom
[DEBUG] Writing tracking file /home/yvon/.m2/repository/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom.lastUpdated
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.402 s
[INFO] Finished at: 2018-04-27T22:36:01+02:00
[INFO] Final Memory: 8M/256M
[INFO] ------------------------------------------------------------------------
[ERROR] Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5: Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to opendaylight-mirror (https://nexus.opendaylight.org/content/repositories/public/): java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty -> [Help 1]
org.apache.maven.plugin.PluginResolutionException: Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5
...
Caused by: org.eclipse.aether.resolution.ArtifactDescriptorException: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5
...
Caused by: org.eclipse.aether.resolution.ArtifactResolutionException: Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to opendaylight-mirror (https://nexus.opendaylight.org/content/repositories/public/): java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
...
Caused by: org.eclipse.aether.transfer.ArtifactTransferException: Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to opendaylight-mirror (https://nexus.opendaylight.org/content/repositories/public/): java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
....
Caused by: org.apache.maven.wagon.TransferFailedException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
   ...
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
...
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
....
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
...
[ERROR] 
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginResolutionException

I think that proble come from this error : the trustAnchors parameter must be non-empty

So in many case, this commande resolve the problem sudo update-ca-certificates -f

In my case, that's ok but the problem is still present

Updating certificates in /etc/ssl/certs...
133 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...

Have you an idea to resolve this problem ?

Yvon

Answer 1

In my case (ubuntu 18.04, maven 3.5.2) - following helped to get rid of this issue:

sudo rm /etc/ssl/certs/java/cacerts
sudo update-ca-certificates --fresh

Answer 2

If your program runs just fine with the parameter java -Djavax.net.ssl.trustStorePassword=changeit ... then this workaround might be relevant to you:

/usr/bin/printf '\xfe\xed\xfe\xed\x00\x00\x00\x02\x00\x00\x00\x00\xe2\x68\x6e\x45\xfb\x43\xdf\xa4\xd9\x92\xdd\x41\xce\xb6\xb2\x1c\x63\x30\xd7\x92' > /etc/ssl/certs/java/cacerts

/var/lib/dpkg/info/ca-certificates-java.postinst configure

See:

• https://gist.github.com/mikaelhg/527204e746984cf9a33f7910bb8b4cb6
• https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1739631

Answer 3

Apache Maven 3.5.2, Ubuntu 18.04 LTS, OpenJDK 10.0.1 (Virtual Box and Notebook)

I had the same problem yesterday. The only thing that helped in my case was to remove the old certificate and copy the certificate manually from the oracle JDK 10 to the folder.

1. Donwload Oracle JDK 10

2. Unpack the archive

3. sudo rm /etc/ssl/certs/java/cacerts

4. sudo cp jdk-10-0-2/lib/security/cacerts /etc/ssl/certs/java/

Hope this helps someone.

Credits: Tyler Ruppert