we used the keytool to create the self-signed cert so I assumed that was the correct method.
On Thursday, June 11, 2015 at 6:06:45 PM UTC-4, Richard Bywater wrote: > > I assume that you've loaded up the certs into the correct place for the > 1.7 version of Java? (e.g. cacerts file) > > Richard. > > On Fri, 12 Jun 2015 at 03:08 Ari LiVigni <arili...@gmail.com <javascript:>> > wrote: > >> I am having an issue with Java 1.7 and using self-signed cert it works >> with Java 1.6 and an official certificate but in some cases we have test >> Jenkins where we self sign. >> >> Is there a setting in the jenkins config to get around this issue? >> Something that can be done with Jetty? >> >> Here are exceptions from the jenkins log and the cli >> >> https://paste.fedoraproject.org/231148/ >> >> Exception from Jenkins Log: >> >> Jun 10, 2015 6:06:21 PM org.eclipse.jetty.util.log.JavaUtilLog warn >> WARNING: handle failed >> java.lang.RuntimeException: java.security.KeyException >> at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1333) >> at >> sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:519) >> at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:799) >> at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:767) >> at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) >> at org.eclipse.jetty.io.nio.SslConnection.unwrap(SslConnection.java:536) >> at >> org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:401) >> at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:193) >> at >> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) >> at >> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) >> at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >> at java.lang.Thread.run(Thread.java:745) >> Caused by: java.security.ProviderException: java.security.KeyException >> at >> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:146) >> at >> java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:687) >> at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:63) >> at >> sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:1316) >> at >> sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:1115) >> at >> sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:942) >> at >> sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:675) >> at >> sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:213) >> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) >> at sun.security.ssl.Handshaker$1.run(Handshaker.java:841) >> at sun.security.ssl.Handshaker$1.run(Handshaker.java:839) >> at java.security.AccessController.doPrivileged(Native Method) >> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1273) >> at >> org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:375) >> at >> org.eclipse.jetty.io.nio.SslConnection.access$900(SslConnection.java:48) >> at >> org.eclipse.jetty.io.nio.SslConnection$SslEndPoint.fill(SslConnection.java:678) >> at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1044) >> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:280) >> at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) >> at >> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) >> at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196) >> ... 6 more >> Caused by: java.security.KeyException >> at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) >> at >> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126) >> ... 26 more >> >> >> Exception from CLI: >> [root@java16-master-jenkins-https-new ~]# java -jar jenkins-cli.jar -s >> https://localhost -noCertificateCheck help >> Skipping HTTPS certificate checks altogether. Note that this is not secure >> at all. >> Exception in thread "main" java.io.IOException: Failed to connect to >> https://localhost/ >> at hudson.cli.CLI.getCliTcpPort(CLI.java:271) >> at hudson.cli.CLI.<init>(CLI.java:126) >> at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72) >> at hudson.cli.CLI._main(CLI.java:471) >> at hudson.cli.CLI.main(CLI.java:387) >> Suppressed: javax.net.ssl.SSLHandshakeException: Remote host closed >> connection during handshake >> at >> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) >> at >> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) >> at >> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >> at >> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1092) >> at >> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) >> at >> hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:77) >> at hudson.cli.CLI.connectViaHttp(CLI.java:156) >> at hudson.cli.CLI.<init>(CLI.java:130) >> ... 3 more >> Caused by: java.io.EOFException: SSL peer shut down incorrectly >> at sun.security.ssl.InputRecord.read(InputRecord.java:482) >> at >> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934) >> ... 13 more >> Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed >> connection during handshake >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) >> at >> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) >> at >> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >> at >> sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) >> at hudson.cli.CLI.getCliTcpPort(CLI.java:269) >> ... 4 more >> Caused by: java.io.EOFException: SSL peer shut down incorrectly >> at sun.security.ssl.InputRecord.read(InputRecord.java:482) >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934) >> ... 11 more >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Jenkins Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to jenkinsci-use...@googlegroups.com <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/jenkinsci-users/378e2e50-2368-4cda-8aea-3eb8315abeac%40googlegroups.com >> >> <https://groups.google.com/d/msgid/jenkinsci-users/378e2e50-2368-4cda-8aea-3eb8315abeac%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/a43a8a73-ccfe-4ad4-ae80-09e29a1801f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
