Expired certificates in 3.7.0

Hi, this is a bug report. I downloaded snmp4j-3.7.0, and ran mvn on the download. A number of unit tests fail. See below. I debugged it, and the certificates in the download expired in May 2022.

Running org.snmp4j.smi.TestCounter64
Tests run: 5, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.001 sec
Running org.snmp4j.smi.TestOID
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.002 sec
Running org.snmp4j.smi.TestTimeTicks
497 days, 2:27:52.95
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.006 sec
Running org.snmp4j.smi.OctetStringTest
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.002 sec
Running org.snmp4j.security.AuthHMAC128SHA224Test
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0 sec
Running org.snmp4j.security.TestPriv3DES
Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.015 sec
Running org.snmp4j.security.TestAuthSHA
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.037 sec
Running org.snmp4j.security.TestUSM
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.011 sec
Running org.snmp4j.security.TestPrivDES
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0 sec
Running org.snmp4j.security.TestPrivAES
Tests run: 4, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.014 sec
Running org.snmp4j.security.dh.DHOperationsTest
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.004 sec
Running org.snmp4j.security.TestAuthHMAC192SHA256
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.022 sec
Running org.snmp4j.security.TestAuthMD5
Tests run: 5, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.028 sec
Running org.snmp4j.asn1.TestBER
Tests run: 22, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.008 sec

Results :

Failed tests: sendMessageWithPDUDnsCertPathVerification(org.snmp4j.transport.TLSTMTest)
sendMessageWithPDUVeryLong(org.snmp4j.transport.TLSTMTest): PDU not received by command responder
sendMessagesWithPDU(org.snmp4j.transport.TLSTMTest)
sendNotifyV3TLSTM(org.snmp4j.transport.TLSTMTest)
sendMessage(org.snmp4j.transport.TLSTMTest)
testCloseSession(org.snmp4j.transport.TLSTMTest)
sendMessageWithPDU(org.snmp4j.transport.TLSTMTest)

Tests in error:
sendMessagesWithPDUAndNotAcceptedSubjectDN(org.snmp4j.transport.DTLSTMTest): PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
sendMessagesWithPDU(org.snmp4j.transport.DTLSTMTest): PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed

Tests run: 135, Failures: 7, Errors: 2, Skipped: 0

[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 02:21 min
[INFO] Finished at: 2022-07-21T09:08:18-04:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.12.4:test (default-test) on project snmp4j: There are test failures.
[ERROR]
[ERROR] Please refer to /home/tnelson/src/snmp4j-3.7.0/target/surefire-reports for the individual test results.
[ERROR] → [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] MojoFailureException - Apache Maven - Apache Software Foundation

Yes, I am already working on it for some time. The root cause is not yet identified (somehow the certificate update script does not work as expected), but I expect a fix soon though!

The SNMP4J 3.7.1-SNAPSHOT has now a working set of certificates. The certificate generation script generate-certificate-chain.sh was already working fine o update the certificates if executed in the resources directory with the expired certificates (./src/test/resources/org/snmp4j/transport/tls).

When the update script has been run, the DTLSM.SERVER_FINGER_PRINT and TLSTM.SERVER_FINGER_PRINT values need to be updated with the new fingerprint of the server certificate to successfully execute the tests.