OC deployed on an TLS end-point using a cert that is not trusted by the client master JVM

Issue

  • OC is deployed on an TLS end-point using a cert that is not trusted by the client master JVM
  • Client master is not correctly attached to JOC
  • I am getting the following stacktrace below on my Client
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Sou

Environment

  • CloudBees Jenkins Operations Center
  • Tomcat

Resolution

You need to tell what keystore Jenkins is looking in case it does not appear to be using the one you have setup for the instance of Tomcat.

If it is not in the standard location ( $JAVA_HOME/jre/lib/security/cacerts), then you would need to add it as part of the java arguments:

-Djavax.net.ssl.keyStore=c:\\locationOfTomcat\\cacert
-Djavax.net.ssl.keyStorePassword=password

 

 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.