I'm going to kick myself when I see the answer, I'm sure...
I'm trying to get a Jenkins plugin running which wants to issue an https: request to a Jira server. (No, the existing Jira plugins don't do what I need; checked that.) I'm using Atlassian's wrapper classes for the Jira REST API to avoid having to reimplement REST yet again.
Our Jenkins is running as a Linux Service, in case that matters at all.
Problem: Our Jira server's certificate is not being accepted, resulting in 401 "Unauthorized" responses. And simply adding the certificate to the Java "cacerts" file and stopping/restarting the Jenkins service isn't overcoming that.
I was able to resolve this on my own machine by explicitly setting what I *thought* was Java's default:
JAVA_OPTS="-Djavax.net.ssl.keyStore=$JAVA_HOME/jre/lib/security/cacert"
But I've been having trouble persuading our "official" Jenkins server to admit the new certificate is acceptable.
The API, alas, doesn't cope well with non-JSON responses such as the 401 page, but the response appears to be (skipping the boilerplate scripts and links):
<html>
<head>
<title>Unauthorized (401)</title>
<meta name="application-name" content="JIRA" data-name="jira" data-version="7.3.6">
</head>
<body id="jira" class="aui-layout aui-style-default page-type-message" data-version="7.3.6" >
<div class="aui-page-panel"><div class="aui-page-panel-inner">
<section class="aui-page-panel-content">
<header class="aui-page-header"><div class="aui-page-header-inner">
<div class="aui-page-header-main">
<h1>Unauthorized (401)</h1>
</div><!-- .aui-page-header-main -->
</div><!-- .aui-page-header-inner --></header><!-- .aui-page-header -->
<div class="aui-message aui-message-warning warning">
<p>Encountered a <code>"401 - Unauthorized"</code> error while loading this page.</p>
<p><a href="/secure/MyJiraHome.jspa">Go to JIRA home</a></p>
</div>
</section><!-- .aui-page-panel-content -->
</div><!-- .aui-page-panel-inner --></div><!-- .aui-page-panel -->
</body>
</html>
Yes, I can successfully SSLPoke port 443 on the Jira server from a shell step in a Jenkins job run on the production server. No, the Jira server isn't running on an unusual port itself.
As I said, the same plugin, with the same user parameters and posting to the same Jira server, is running fine on a Jenkins server on my own machine when launched with "mvn hpi:run". (I haven't yet tried dropping it into my normally running Jenkins service; should do that...)
I've been running myself ragged for a few days trying to figure out what I'm doing wrong. Tried everything I've found on the Internet that looked likely to help. I'm sure it's something obvious, but darned if I can find it.
Any advice on other diagnostics to try would be most welcome.
