github bellsoft-jre17.0.5+8-linux-amd64.tar.gz x509: certificate signed by unknown authority about bellsoft-liberica HOT 4 CLOSED

You have a network problem.

[INFO] [creator] unable to download https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] unable to request https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] Get "https://objects.githubusercontent.com/github-production-release-asset-2e65be/115621629/4522d780-0a4c-40ae-a3d1-d70a38bda0b9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221222%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221222T133020Z&X-Amz-Expires=300&X-Amz-Signature=43da7e88ed229441a0bf4e8eb6dcf912aa60ca1c44bed3d8832b26382c49e091&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=115621629&response-content-disposition=attachment%3B%20filename%3Dbellsoft-jre17.0.5%2B8-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream": x509: certificate signed by unknown authority

The buildpack is trying to download the binaries it needs, but there is likely a device on your network that is intercepting traffic and rewriting the TLS certificates. That is usually why one would see these certificate errors, especially on a corporate network, but it could also mean someone is unexpectedly trying to intercept your TLS traffic.

At any rate, you either need to obtain the TLS certificate from the network device that is rewriting your TLS traffic and make it be trusted by the buildpacks (all of the certificates it generates will be signed by its certificate, so if you trust its certificate then the connection can be trusted again), or you can download the binaries in advance and provide them to the buildpack through a different means, dependency mappings are the way to do that.

In either case you need to add bindings. Bindings can be a little tricky to get right, which is why I created a tool to manage them, binding-tool.

• To create bindings for a CA cert, run bt ca-certs -c <ca-cert-file>
• To download dependencies and create bindings for them, bt dm -b <buildpack>, i.e. bt dm -b paketo-buildpacks/bellsoft-liberica.

This will create a bindings/ directory in the current working directory, just volume map that into your build with --volume $PWD/bindings:/platform/bindings, or follow the instructions in the README.

Hope that helps!

from bellsoft-liberica.

You have a network problem.

[INFO] [creator] unable to download https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] unable to request https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO] [creator] Get "https://objects.githubusercontent.com/github-production-release-asset-2e65be/115621629/4522d780-0a4c-40ae-a3d1-d70a38bda0b9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221222%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221222T133020Z&X-Amz-Expires=300&X-Amz-Signature=43da7e88ed229441a0bf4e8eb6dcf912aa60ca1c44bed3d8832b26382c49e091&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=115621629&response-content-disposition=attachment%3B%20filename%3Dbellsoft-jre17.0.5%2B8-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream": x509: certificate signed by unknown authority

The buildpack is trying to download the binaries it needs, but there is likely a device on your network that is intercepting traffic and rewriting the TLS certificates. That is usually why one would see these certificate errors, especially on a corporate network, but it could also mean someone is unexpectedly trying to intercept your TLS traffic.

At any rate, you either need to obtain the TLS certificate from the network device that is rewriting your TLS traffic and make it be trusted by the buildpacks (all of the certificates it generates will be signed by its certificate, so if you trust its certificate then the connection can be trusted again), or you can download the binaries in advance and provide them to the buildpack through a different means, dependency mappings are the way to do that.

In either case you need to add bindings. Bindings can be a little tricky to get right, which is why I created a tool to manage them, binding-tool.

• To create bindings for a CA cert, run bt ca-certs -c <ca-cert-file>
• To download dependencies and create bindings for them, bt dm -b <buildpack>, i.e. bt dm -b paketo-buildpacks/bellsoft-liberica.

This will create a bindings/ directory in the current working directory, just volume map that into your build with --volume $PWD/bindings:/platform/bindings, or follow the instructions in the README.

Hope that helps!

dear dmikusa firstly thanks for help,
i am new learning docker and cloud tech. and dont know make it be trusted by the buildpacks. can you help me please. i read your written. but i dont understand :(

from bellsoft-liberica.

I'm not sure how much I can add. Something is intercepting your TLS traffic. TLS protects you from this which is why you are seeing an error instead of the connection being established, it prevents you from connecting to the wrong party. That could mean someone is maliciously trying to intercept your traffic or more likely, it means your employer/corporate network is intercepting TLS traffic so that they can view your traffic. If you need more help there, I would suggest talking to your IT/network team. In either case, they should be able to point you in the right direction.

What is commonly the outcome of the situation you're in is that you'll get a TLS CA certificate that you need to trust. Once you get that file, follow the instructions I linked. This will allow the buildpacks to trust that certificate, likely generated by your IT team, and in turn trust the connections it makes to download the resources to be installed.

HTH

from bellsoft-liberica.

güvenmeniz gereken bir TLS CA sertifikası almanızdır. Bu dosyayı aldıktan sonra, bağlantısını verdiğim talimatları izleyin

thanks dmikusa. i try it.

from bellsoft-liberica.