we used the keytool to create the self-signed cert so I assumed that was the correct method.
On Thursday, June 11, 2015 at 6:06:45 PM UTC-4, Richard Bywater wrote: > > I assume that you've loaded up the certs into the correct place for the > 1.7 version of Java? (e.g. cacerts file) > > Richard. > > On Fri, 12 Jun 2015 at 03:08 Ari LiVigni <[email protected] <javascript:>> > wrote: > >> I am having an issue with Java 1.7 and using self-signed cert it works >> with Java 1.6 and an official certificate but in some cases we have test >> Jenkins where we self sign. >> >> Is there a setting in the jenkins config to get around this issue? >> Something that can be done with Jetty? >> >> Here are exceptions from the jenkins log and the cli >> >> https://paste.fedoraproject.org/231148/ >> >> Exception from Jenkins Log: >> >> Jun 10, 2015 6:06:21 PM org.eclipse.jetty.util.log.JavaUtilLog warn >> WARNING: handle failed >> java.lang.RuntimeException: java.security.KeyException >> at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1333) >> at >> sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:519) >> at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:799) >> at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:767) >> at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) >> at org.eclipse.jetty.io.nio.SslConnection.unwrap(SslConnection.java:536) >> at >> org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:401) >> at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:193) >> at >> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) >> at >> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) >> at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >> at java.lang.Thread.run(Thread.java:745) >> Caused by: java.security.ProviderException: java.security.KeyException >> at >> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:146) >> at >> java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:687) >> at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:63) >> at >> sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:1316) >> at >> sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:1115) >> at >> sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:942) >> at >> sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:675) >> at >> sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:213) >> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) >> at sun.security.ssl.Handshaker$1.run(Handshaker.java:841) >> at sun.security.ssl.Handshaker$1.run(Handshaker.java:839) >> at java.security.AccessController.doPrivileged(Native Method) >> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1273) >> at >> org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:375) >> at >> org.eclipse.jetty.io.nio.SslConnection.access$900(SslConnection.java:48) >> at >> org.eclipse.jetty.io.nio.SslConnection$SslEndPoint.fill(SslConnection.java:678) >> at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1044) >> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:280) >> at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) >> at >> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) >> at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196) >> ... 6 more >> Caused by: java.security.KeyException >> at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) >> at >> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126) >> ... 26 more >> >> >> Exception from CLI: >> [root@java16-master-jenkins-https-new ~]# java -jar jenkins-cli.jar -s >> https://localhost -noCertificateCheck help >> Skipping HTTPS certificate checks altogether. Note that this is not secure >> at all. >> Exception in thread "main" java.io.IOException: Failed to connect to >> https://localhost/ >> at hudson.cli.CLI.getCliTcpPort(CLI.java:271) >> at hudson.cli.CLI.<init>(CLI.java:126) >> at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72) >> at hudson.cli.CLI._main(CLI.java:471) >> at hudson.cli.CLI.main(CLI.java:387) >> Suppressed: javax.net.ssl.SSLHandshakeException: Remote host closed >> connection during handshake >> at >> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) >> at >> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) >> at >> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >> at >> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1092) >> at >> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) >> at >> hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:77) >> at hudson.cli.CLI.connectViaHttp(CLI.java:156) >> at hudson.cli.CLI.<init>(CLI.java:130) >> ... 3 more >> Caused by: java.io.EOFException: SSL peer shut down incorrectly >> at sun.security.ssl.InputRecord.read(InputRecord.java:482) >> at >> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934) >> ... 13 more >> Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed >> connection during handshake >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) >> at >> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) >> at >> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >> at >> sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) >> at hudson.cli.CLI.getCliTcpPort(CLI.java:269) >> ... 4 more >> Caused by: java.io.EOFException: SSL peer shut down incorrectly >> at sun.security.ssl.InputRecord.read(InputRecord.java:482) >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934) >> ... 11 more >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Jenkins Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/jenkinsci-users/378e2e50-2368-4cda-8aea-3eb8315abeac%40googlegroups.com >> >> <https://groups.google.com/d/msgid/jenkinsci-users/378e2e50-2368-4cda-8aea-3eb8315abeac%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/a43a8a73-ccfe-4ad4-ae80-09e29a1801f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
