Introduction
Ce document décrit comment importer le certificat CloudCenter dans le keystore java Jenkins.
Contribué par Deepak Sukhiya, ingénieur TAC Cisco.
Version de l'application
Gestionnaire CloudCenter |
4.0 / 4.2.x /4.4.x /4.5.x / 4.6.x/ 4.7.x / 4.8.0 |
Problème
Comment importer le certificat CloudCenter dans le keystore java Jenkins
ou
La validation de la connexion à partir du menu Projet > Configurer échoue avec cette erreur dans le journal jenkins :
Building in workspace /var/lib/jenkins/workspace/C3-Cent7
ERROR: Build step failed with exception
javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:229)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:224)
at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:656)
at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:653)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:424)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:653)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:388)
at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:292)
at cliqr.jenkins.plugin.CliQrJenkinsClient.RestUtils.getAppDetails(RestUtils.java:156)
at cliqr.jenkins.plugin.CliQrJenkinsClient.CliQrJenkinsClientBuilder.perform(CliQrJenkinsClientBuilder.java:243)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:779)
at hudson.model.Build$BuildExecution.build(Build.java:205)
at hudson.model.Build$BuildExecution.doRun(Build.java:162)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:534)
at hudson.model.Run.execute(Run.java:1728)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:98)
at hudson.model.Executor.run(Executor.java:404)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
Solution
- Connectez-vous à l'ordinateur CloudCenter Manager (CCM) via Firefox.
- Affichez le certificat CloudCenter à l'aide de l'icône de cadenas sur le navigateur et enregistrez-le.
- Copiez l'enregistrement du certificat sur l'ordinateur Jenkins.
- Connectez-vous à l'ordinateur Jenkins via Secure Shell (SSH).
- Exécutez cette commande sur l'ordinateur Jenkins :
keytool -import -trustcacerts -alias exemple -keystore <Remplacez le chemin d'accès à java>/jre/lib/security/cacerts -file <emplacement du fichier de certificat enregistré>.
- L'authentification de CloudCenter sera validée correctement.