[] Upgrade/Installation to on CloudBees CI on Traditional through .rpm fails on startup if `JENKINS_HTTPS_KEYSTORE_PASSWORD` is set


  • After upgrade CloudBees CI to version or later using RPM, the service fails to start, and the Jenkins logs shows the following:
java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory
Caused by: java.io.IOException: keystore password was incorrect



Any installation or upgrade to CloudBees CI on traditional platforms through RPM fails in case a JENKINS_HTTPS_KEYSTORE_PASSWORD is used in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc]. For example:


The value is not correctly interpreted by the script that executes the java command, which causes the Keystore password to be wrong.

Related Issue(s)

  • BEE-7171: Unable to correctly read JENKINS_HTTPS_KEYSTORE_PASSWORD from systemd config file

Workaround / Resolution

Until a fix is available, the workaround is to leave the JENKINS_HTTPS_KEYSTORE_PASSWORD empty in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc] and add the password as a Jenkins option --httpsKeyStorePassword in JENKINS_ARGS.

Remove the Keystore Password from the JENKINS_HTTPS_KEYSTORE_PASSWORD in the Configuration File

  • Edit the /etc/sysconfig/cloudbees-core-cm on the Controller host (or /etc/sysconfig/cloudbees-core-oc for Operations Center)

  • Locate the line where the JENKINS_HTTPS_KEYSTORE_PASSWORD=... is set:

  • Leave it empty:


Add the Keystore Password as a Jenkins argument to JENKINS_ARGS in the Configuration File

  • Locate the line where the JENKINS_ARGS=... is set:

  • Add the option --httpsKeyStorePassword with the password:


Restart the service

systemctl restart cloudbees-core-[cm|oc]

Have more questions?


Please sign in to leave a comment.