All, I am running into a certificate nightmare and need assistance. I am trying to deploy from jenkins to a WebSphere Application Server and I continue to receive a Certificate chaining error where as jenkins does appear to trust the WAS server cert that I have imported from WAS server to the Jenkins server. I'm unsure what the issue may be and I'm not sure which server is not trusting the cert: I will post me errors from the deploy:
wcbd.wsadmin.helper: [echoNL] Running wsadmin on wsdevapp2 with /opt/IBM/WebSphere/CommerceServer70/wcbd-deploy/wcbd-deploy-server-LC_PROD_01.37.000_02-26-2013/scripts/wcbd-wsadmin.py. [wsadmin] profileName=comm02 registry=/opt/IBM/WebSphere/AppServer/properties/profileRegistry.xml [wsadmin] profileHome=/opt/IBM/WebSphere/AppServer/profiles/comm02 [wsadmin] [wsadmin] *** SSL SIGNER EXCHANGE PROMPT *** [wsadmin] SSL signer from target host 172.16.46.133 is not found in trust store /opt/IBM/WebSphere/AppServer/profiles/comm02/etc/trust.p12. [wsadmin] [wsadmin] Here is the signer information (verify the digest value matches what is displayed at the server): [wsadmin] [wsadmin] Subject DN: CN=wsdevapp2.lifeway.org, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Issuer DN: CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Serial number: 43978818652972773 [wsadmin] Expires: Fri Feb 21 09:28:31 CST 2014 [wsadmin] SHA-1 Digest: AE:D2:81:F3:05:DD:66:81:CD:82:63:65:9F:F9:60:41:6B:79:71:44 [wsadmin] MD5 Digest: 75:A8:8D:87:A0:5B:F7:E1:CD:BB:02:45:3C:A8:A3:F8 [wsadmin] [wsadmin] Subject DN: CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Issuer DN: CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US [wsadmin] Serial number: 43978815812331740 [wsadmin] Expires: Fri Feb 18 09:28:28 CST 2028 [wsadmin] SHA-1 Digest: AE:D2:81:F3:05:DD:66:81:CD:82:63:65:9F:F9:60:41:6B:79:71:44 [wsadmin] MD5 Digest: 75:A8:8D:87:A0:5B:F7:E1:CD:BB:02:45:3C:A8:A3:F8 [wsadmin] [wsadmin] Add signer to the trust store now? (y/n) WASX7023E: Error creating "SOAP" connection to host "wsdevapp2"; exception information: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: [wsadmin] java.security.cert.CertPathValidatorException: The certificate issued by CN=wsdevapp2.lifeway.org, OU=Root Certificate, OU=wsdevapp2Cell01, OU=wsdevapp2CellManager01, O=IBM, C=US is not trusted; internal cause is: [wsadmin] java.security.cert.CertPathValidatorException: Certificate chaining error; targetException=java.lang.IllegalArgumentException: Error opening socket: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: -- View this message in context: http://jenkins.361315.n4.nabble.com/Certificate-chaining-error-tp4658324.html Sent from the Jenkins issues mailing list archive at Nabble.com. -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
