{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 冷夜・残月 的问题《Error - trustAnchors parameter must be non-empty》','https://www.manongdao.com/q-1798.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm trying to configure my e-mail on Jenkins/Hudson, and I constantly receive the error:
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be
non-empty
I've seen a good amount of information online about the error, but I have not gotten any to work. I'm using Sun's JDK on Fedora Linux (not OpenJDK).
Here are a few things I've tried. I tried following the advice from this post, but copying the cacerts from Windows over to my Fedora box hosting Jenkins didn't work. I tried following this guide as I'm trying to configure Gmail as my SMTP server, but it didn't work either. I also tried to download and move those cacert files manually and move them over to my Java folder using a variation of the commands on this guide.
I am open to any suggestions as I'm currently stuck right now. I have gotten it to work from a Windows Hudson server, but I am struggling on Linux.
This bizarre message means that the truststore you specified was:
See also @AdamPlumb's answer below.
If you experience this on Ubuntu with JDK9 and Maven, you can add this JVM option - first check if the path exists:
If the file is missing, try to install the ca-certificates-java as someone noted:
Removing the ca-certificates-java package and installing it again worked for me (Ubuntu MATE 17.10 (Artful Aardvark)).
Thank you, jdstrand: Comment 1 for bug 983302, Re: ca-certificates-java fails to install Java cacerts on Oneiric Ocelot.
I expected things like this, being that I use an alternate JVM in my Talend Open Studio (support at the moment exists only until JDK 1.7). I use 8 for security purposes... anyway
Update your certificate store:
then
add a new value in your initialization parameters
For me, the second entry worked. I think, depending on the version of Talend Open Studio/TEnt + JVM, it has a different parameter name, but it looks for the same keystore file.
I had this error message on Java 9.0.1 on Linux. It was due to a known bug of the JDK, where the cacerts file is empty in the .tar.gz binary package (downloaded from http://jdk.java.net/9/).
See the "known issues" paragraph of JDK 9.0.1 Release Notes, saying "TLS does not work by default on OpenJDK 9".
On Debian/Ubuntu (and probably other derivaties), a simple workaround is to replace the cacerts file with the one from the "ca-certificates-java" package:
On Red Hat Linux/CentOS, you can do the same from the "ca-certificates" package:
In my case the JKS file used in the client application was corrupted. I created a new one and imported the destination server SSL certificates in it. Then I used the new JKS file in the client application as a trust store, like:
Source: Java SSL and certificate keystore
I use the (KeyStore Explorer) tool to create the new JKS. You can download it from this link, KeyStore Explorer.