harikrishna-patnala commented on PR #11201: URL: https://github.com/apache/cloudstack/pull/11201#issuecomment-3088750616
@weizhouapache @DaanHoogland The available versions for bouncy castle provider supporting jdk18 starts from 1.71 to 1.81 (https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on) If we use 1.81 as the provider version `<cs.bcprov.version>1.81</cs.bcprov.version>` SystemVMs have trouble starting with the error ``` Caused by: java.lang.NoClassDefFoundError: Could not initialize class org.bouncycastle.operator.jcajce.OperatorHelper at org.bouncycastle.operator.jcajce.JcaContentSignerBuilder.<init>(Unknown Source) at org.apache.cloudstack.utils.security.CertUtils.generateV3Certificate(CertUtils.java:241) at org.apache.cloudstack.ca.provider.RootCAProvider.generateCertificate(RootCAProvider.java:152) ``` The last version that worked with our code is `<cs.bcprov.version>1.72</cs.bcprov.version>` At the moment I don't know the reason for "OperatorHelper" class not being found, so I adjusted the code to use 1.72 version. I'm not sure how the mentioned vulnerabilities effects us. Please review and see if this is fine. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
