Hi, I have a Jenkins instance running (2.230, also I have tested LTS) on a Docker container using only HTTPS with self-signed certificates, in the same network I start an SSH Build Agent and a JNLP Agent, the SSH Build agent connects without issues, but the JNLP gives me an error I dunno what it is related, it said that the X-Instance-Identity is invalid, there is no proxy or anything else in between and the X-Instance-Identity is there so I dunno, why Jenkins said, is invalid, Do anyone see something similar or know what is this error about?
This is the Agent config <slave> <name> jnlp-agent </name> <remoteFS> /home/jenkins </remoteFS> <numExecutors> 2 </numExecutors> <mode> NORMAL </mode> <launcher class="hudson.slaves.JNLPLauncher"> <workDirSettings> <disabled> false </disabled> <workDirPath> /home/jenkins </workDirPath> <internalDir> remoting </internalDir> <failIfWorkDirIsMissing> false </failIfWorkDirIsMissing> </workDirSettings> <webSocket> false </webSocket> </launcher> <label> jnlp linux </label> <nodeProperties/> </slave> These are the commands I use to launch the Jenkins instance printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth" > domain.ext openssl req \ -newkey rsa:2048 -nodes -sha256 -keyout domain_private.key \ -x509 -days 365 -out domain.crt \ -subj '/CN=localhost' -extensions EXT -config domain.ext openssl rsa -in domain_private.key -out domain.key docker run \ -e JENKINS_OPTS="--httpPort=-1 --httpsPort=9443 --httpsCertificate=/var/lib/jenkins/cert --httpsPrivateKey=/var/lib/jenkins/pk" --name jenkins \ --rm \ -p 9443:9443 \ -v jenkins_home:/var/jenkins_home \ --network net \ jenkins/jenkins-tls:2.230 An this is the command used to launch eht Agent docker run --name jnlp-agent -it --rm --network net jenkins/jnlp-slave -disableHttpsCertValidation -credentials jenkins:"SuP3rP4ssw0rd" -url https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp 224a6accfb5b9728e3db3dfc43ae8d2d986b24c09b2d8701497ca13c474d3dde jnlp-agent Apr 11, 2020 11:36:59 AM hudson.remoting.jnlp.Main createEngine INFO: Setting up agent: jnlp-agent Apr 11, 2020 11:36:59 AM hudson.remoting.jnlp.Main$CuiListener <init> INFO: Jenkins agent is running in headless mode. Apr 11, 2020 11:36:59 AM hudson.remoting.jnlp.Main createEngine WARNING: Certificate validation for HTTPs endpoints is disabled Apr 11, 2020 11:37:00 AM hudson.remoting.Engine startEngine INFO: Using Remoting version: 4.3 Apr 11, 2020 11:37:00 AM hudson.remoting.Engine startEngine WARNING: No Working Directory. Using the legacy JAR Cache location: /home/jenkins/.jenkins/cache/jars Apr 11, 2020 11:37:00 AM hudson.remoting.jnlp.Main$CuiListener status INFO: Locating server among [https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp] Apr 11, 2020 11:37:00 AM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver openURLConnection WARNING: HTTPs certificate check is disabled for the endpoint. Apr 11, 2020 11:37:00 AM hudson.remoting.jnlp.Main$CuiListener error SEVERE: https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp/tcpSlaveAgentListener/ appears to be publishing an invalid X-Instance-Identity. java.io.IOException: https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp/tcpSlaveAgentListener/ appears to be publishing an invalid X-Instance-Identity. at org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver.resolve(JnlpAgentEndpointResolver.java:287) at hudson.remoting.Engine.innerRun(Engine.java:693) at hudson.remoting.Engine.run(Engine.java:518) So I've changed to try to use direct connect without luck JENKINS_INSTANCE_IDENTITY=$(curl -sfkI https://localhost:9443 | grep X-Instance-Identity | cut -d\ -f2) echo ${JENKINS_INSTANCE_IDENTITY} MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijph9cC+d2brNUMc+wE8Y3ZUvByXYIDZzJpAL37x6juBmwTGKPhOhCmmal/Lm5dTMAF1IWnZyOlMnLPrcPm4ifbhOS11Azpk/3lIH+DrK0ypXqVgYRf9ovLF7ZFRvNZovr6eMHXql4pK5wzgFQGM0ZcP6WwaWfKAma3ekqFLz986WvNBsQ4r7C5sxPZLYiSBuBiy+8bMSzzfd6S7FbpWG3RMJjXckw5mG4jDmLkMSfdhLrTsTKQbcPgPrbSJlZdZRUW5SdxsFF0oxuhhNibUkNgDcDQ3UEHVVVM2H7g1ul3gzOThX6mXf6Hm/YUCNmIGlQIb/siOQe5mxcYxxl/VAQIDAQAB docker run --name jnlp-agent -it --rm --network net jenkins/jnlp-slave -disableHttpsCertValidation -credentials jenkins:"SuP3rP4ssw0rd" -instanceIdentity ${JENKINS_INSTANCE_IDENTITY} -direct jenkins:9443 224a6accfb5b9728e3db3dfc43ae8d2d986b24c09b2d8701497ca13c474d3dde jnlp-agent Apr 11, 2020 11:45:28 AM hudson.remoting.jnlp.Main createEngine INFO: Setting up agent: jnlp-agent Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main$CuiListener <init> INFO: Jenkins agent is running in headless mode. Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main createEngine WARNING: Certificate validation for HTTPs endpoints is disabled Apr 11, 2020 11:45:29 AM hudson.remoting.Engine startEngine INFO: Using Remoting version: 4.3 Apr 11, 2020 11:45:29 AM hudson.remoting.Engine startEngine WARNING: No Working Directory. Using the legacy JAR Cache location: /home/jenkins/.jenkins/cache/jars Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main$CuiListener status INFO: Locating server among [] Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main$CuiListener error SEVERE: Illegal base64 character d java.lang.IllegalArgumentException: Illegal base64 character d at java.util.Base64$Decoder.decode0(Base64.java:714) at java.util.Base64$Decoder.decode(Base64.java:526) at java.util.Base64$Decoder.decode(Base64.java:549) at org.jenkinsci.remoting.engine.JnlpEndpointResolver.getIdentity(JnlpEndpointResolver.java:43) at org.jenkinsci.remoting.engine.JnlpAgentEndpointConfigurator.resolve(JnlpAgentEndpointConfigurator.java:51) at hudson.remoting.Engine.innerRun(Engine.java:693) at hudson.remoting.Engine.run(Engine.java:518) -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/aadc51f3-426c-4cd3-b538-ffd228309bd3%40googlegroups.com.