tomcat app LDAP authentification fails after JAVA-Update

Bug #1902712 reported by Oliver Spornitz
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openjdk-8 (Ubuntu)
Fix Released
Critical
Tiago Stürmer Daitx

Bug Description

After updating openjdk-8-jre-headless:amd64 to version 8u272-b10-0ubuntu1~16.04 on Ubuntu 16.04 our tomcat app qispos is unable to authenticate against the campus LDAP server.

The message looks like this:

ldap_errormessage=javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate., authPath=[]

The failure does not appear directly after update. Our servers worked well until reboot.

Downgrading the package openjdk-8-jre-headless:amd64 to version 8u77-b03-3ubuntu3 fixes the problem. Our software supplier is sure, that it is a bug in the jdk.

Best regards
Oliver Spornitz

Revision history for this message
Tiago Stürmer Daitx (tdaitx) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

This has been reported [1] and is being discussed upstream for inclusion in 8u275 [2].

We are waiting for the release of 8u275 that will fix another regression and we will include this fix even if upstream does not.

[1] https://bugs.openjdk.java.net/browse/JDK-8214440#comment-14377867
[2] https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-November/012950.html

tags: added: bionic focal groovy hirsute regression-update xenial
Changed in openjdk-8 (Ubuntu):
importance: Undecided → Critical
status: New → Confirmed
assignee: nobody → Tiago Stürmer Daitx (tdaitx)
Revision history for this message
Oliver Spornitz (spornitz) wrote :

We updated openjdk-8-jre-headless:amd64 to the following version today:

root@qispos-qa2:~# java -version
openjdk version "1.8.0_275"
OpenJDK Runtime Environment (build 1.8.0_275-8u275-b01-0ubuntu1~16.04-b01)
OpenJDK 64-Bit Server VM (build 25.275-b01, mixed mode)

We can confirm, that authentication against the campus LDAP server works with this release.

Thank you very much.

Best regards
Oliver Spornitz

Changed in openjdk-8 (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.