F8: spring-boot: Spring-Remote: at .(ClassPathChangeUploader.java:100) The exception occurs when it detects a change and wants to run a Live Update, and this is how it looks: F8: spring-boot: Spring-Remote: Exception in thread "File Watcher" : : : No subject alternative DNS name matching localhost found. Had to import LE root into Java keystore and it worked.Just to clarify that the same issue appears on Linux. Im out of things to try at this point as I dont have much insight into how Jenkins connection auth works.Appreciate any help :)ĮDIT: Solved, the issue was that Java did not trust Lets Encrypt certs. I did packet capture on both instances, on our original jenkins and new one with -noCertificateChecka self signed jenkins cert is presented. We have an existing Jenkins (v: 2.263.3) instance where this works fine but that is before my time so Im not sure how that was configured.
Jenkins web (8080) is proxied through nginx (Which has HSTS enabled, if that matters) with proper LE certs. However, when we try the same java command with -noCertificateCheck flag it works fine and communicates to port 50000. If you are using a self-signed certificate, you can use the -noCertificateCheck option to bypass this check.Īt (Launcher.java:567)Īt (Launcher.java:345)Īt (Launcher.java:296)Ĭaused by: : : PKIX path building failed: .SunCertPathBuilderException: unable to find valid certification path to requested targetĪt .getSSLException(Alerts.java:192)Īt .fatal(SSLSocketImpl.java:1946)Īt .fatalSE(Handshaker.java:316)Īt .fatalSE(Handshaker.java:310)Īt .serverCertificate(ClientHandshaker.java:1639)Īt .processMessage(ClientHandshaker.java:223)Īt .processLoop(Handshaker.java:1037)Īt .process_record(Handshaker.java:965)Īt .readRecord(SSLSocketImpl.java:1064)Īt .performInitialHandshake(SSLSocketImpl.java:1367)Īt .startHandshake(SSLSocketImpl.java:1395)Īt .startHandshake(SSLSocketImpl.java:1379)Īt (Launcher.java:511)Ĭaused by: : PKIX path building failed: .SunCertPathBuilderException: unable to find valid certification path to requested targetĪt .doBuild(PKIXValidator.java:397)Īt .engineValidate(PKIXValidator.java:302)Īt .validate(Validator.java:262)Īt 509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)Īt 509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)Īt 509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)Īt .serverCertificate(ClientHandshaker.java:1621)Ĭaused by: .SunCertPathBuilderException: unable to find valid certification path to requested targetĪt .SunCertPathBuilder.build(SunCertPathBuilder.java:141)Īt .SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)Īt .build(CertPathBuilder.java:280)Īt .doBuild(PKIXValidator.java:392) INFO: Using c:\Jenkins\agent.log as an agent error log destination output log will not be generatedĮxception in thread "main" java.io.IOException: Failed to validate a server certificate.
Handshaker windows full#
The error on agent side complains about the SSL cert though, here is the full error: PM .WorkDirManager setupLogging does return the port 50000 as the correct port and port is mapped from host to docker container.
Handshaker windows windows#
When trying to connect windows agents using java -jar c:\Jenkins\agent.jar -agentLog c:\Jenkins\agent.log -jnlpCredentials user:apikey -jnlpUrl on windows side, we need no packets hitting the port 50000. We spun up a new Jenkins instance (v: 2.277.2) in docker.
0 kommentar(er)
