iTunes Autoingestion error: the trustAnchors parameter must be non-empty

StackOverflow https://stackoverflow.com/questions/7328417

Question

I just downloaded the new Autoingestion reporting tool for iTunes Connect, but I'm getting the following stack trace:

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1574)
    at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1557)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1150)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1127)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:423)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:850)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
    at Autoingestion.main(Autoingestion.java:61)
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:75)
    at sun.security.validator.Validator.getInstance(Validator.java:178)
    at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:129)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:225)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:270)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:973)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:142)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:533)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:471)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:904)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1116)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1143)
    ... 6 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
    at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
    at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
    at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:73)
    ... 17 more

I'm using java 1.6 and running the following command (sensitive values censored):

java Autoingestion me@domain.com asdf1234 XXXXXXXX Sales Daily Summary 20110901

Any ideas?

Was it helpful?

Solution

It turns out that my linux machine's distribution of Java didn't have a copy of the cacerts file which contains the necessary SSL certs. I grabbed a copy from my Mac and installed it on my linux server it is working fine now.

I discovered the answer on this SO post: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty on Linux, or why is the default truststore empty

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top