All, I am running into a certificate nightmare and need assistance. I am trying to deploy from jenkins to a WebSphere Application Server and I continue to receive a Certificate chaining error where as jenkins does appear to trust the WAS server cert that I have imported from WAS server to the Jenkins server. I'm unsure what the issue may be and I'm not sure which server is not trusting the cert: I will post me errors from the deploy:
wcbd.wsadmin.helper: [echoNL] Running wsadmin on wsdevapp2 with /opt/IBM/WebSphere/CommerceServer70/wcbd-deploy/wcbd-deploy-server-LC_PROD_01.37.000_02-26-2013/scripts/wcbd-wsadmin.py. [wsadmin] profileName=comm02 registry=/opt/IBM/WebSphere/AppServer/properties/profileRegistry.xml [wsadmin] profileHome=/opt/IBM/WebSphere/AppServer/profiles/comm02 [wsadmin] [wsadmin] *** SSL SIGNER EXCHANGE PROMPT *** [wsadmin] SSL signer from target host 172.16.46.133 is not found in trust store /opt/IBM/WebSphere/AppServer/profiles/comm02/etc/trust.p12. [wsadmin] [wsadmin] Here is the signer information (verify the digest value matches what is displayed at the server): [wsadmin] [wsadmin] Subject DN: CN=wsdevapp2.lifeway.org, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Issuer DN: CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Serial number: 43978818652972773 [wsadmin] Expires: Fri Feb 21 09:28:31 CST 2014 [wsadmin] SHA-1 Digest: AE:D2:81:F3:05:DD:66:81:CD:82:63:65:9F:F9:60:41:6B:79:71:44 [wsadmin] MD5 Digest: 75:A8:8D:87:A0:5B:F7:E1:CD:BB:02:45:3C:A8:A3:F8 [wsadmin] [wsadmin] Subject DN: CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Issuer DN: CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Serial number: 43978815812331740 [wsadmin] Expires: Fri Feb 18 09:28:28 CST 2028 [wsadmin] SHA-1 Digest: AE:D2:81:F3:05:DD:66:81:CD:82:63:65:9F:F9:60:41:6B:79:71:44 [wsadmin] MD5 Digest: 75:A8:8D:87:A0:5B:F7:E1:CD:BB:02:45:3C:A8:A3:F8 [wsadmin] [wsadmin] Add signer to the trust store now? (y/n) WASX7023E: Error creating "SOAP" connection to host "wsdevapp2"; exception information: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: [wsadmin] java.security.cert.CertPathValidatorException: The certificate issued by CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US is not trusted; internal cause is: [wsadmin] java.security.cert.CertPathValidatorException: Certificate chaining error; targetException=java.lang.IllegalArgumentException: Error opening socket: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: -- View this message in context: http://jenkins.361315.n4.nabble.com/Certificate-chaining-error-tp4658324.html Sent from the Jenkins issues mailing list archive at Nabble.com. -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
