My mac has a TFS build agent connecting to a TFS server. That works fine. But when fetching the source code it fails with the following error:
An error occurred: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
When I on the mac, remove the old certificate for the TFS server from the Java Truststore I get the following error:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
If I add a new certificate for the server, into the Java truststore (the cacerts file) with good new valid time stamps, I get this error:
PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
Thus, I know that I am making changes to the correct cacerts file, since I'am getting different output based on the two scenarios above.
I've been scanning through the cacert file, trying to find if any expired cert for the TFS server is still there. Can't find any.
I've tried importing both the root cert and the site cert, but no difference there.
No problems connecting to the server site with Safari or using curl. The certificate on the server is renewed and has valid timestamps.
Any help would be greatly appreciated.
