您的位置: 首页  >  技术问答  >  詹金斯不能部署由于自签名的认证文件

詹金斯不能部署由于自签名的认证文件

分类: 技术问答 2022-09-29 19:48:58
问题描述:

我们做了Java密钥库,并配置了詹金斯如下所示:詹金斯不能部署由于自签名的认证文件

<Connector 
      protocol="org.apache.coyote.http11.Http11NioProtocol" 
      port="8443" maxThreads="200" 
      scheme="https" secure="true" SSLEnabled="true" 
      keystoreFile="${user.home}/ourkeystore.keystore" keystorePass="ourpassword" 
      clientAuth="false" sslProtocol="TLS"/>

但詹金斯显示以下内容:

org.codehaus.cargo.container.ContainerException: Failed to redeploy [C:\Program Files (x86)\Jenkins\workspace\Courseka - Backend\build\libs\campus.war] 
    at org.codehaus.cargo.container.tomcat.internal.AbstractTomcatManagerDeployer.redeploy(AbstractTomcatManagerDeployer.java:193) 
    at hudson.plugins.deploy.CargoContainerAdapter.deploy(CargoContainerAdapter.java:73) 
    at hudson.plugins.deploy.CargoContainerAdapter$1.invoke(CargoContainerAdapter.java:116) 
    at hudson.plugins.deploy.CargoContainerAdapter$1.invoke(CargoContainerAdapter.java:103) 
    at hudson.FilePath.act(FilePath.java:996) 
    at hudson.FilePath.act(FilePath.java:974) 
    at hudson.plugins.deploy.CargoContainerAdapter.redeploy(CargoContainerAdapter.java:103) 
    at hudson.plugins.deploy.DeployPublisher.perform(DeployPublisher.java:61) 
    at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45) 
    at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:779) 
    at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:720) 
    at hudson.model.Build$BuildExecution.post2(Build.java:186) 
    at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:665) 
    at hudson.model.Run.execute(Run.java:1753) 
    at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) 
    at hudson.model.ResourceController.execute(ResourceController.java:98) 
    at hudson.model.Executor.run(Executor.java:405) 
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.ssl.Alerts.getSSLException(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) 
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source) 
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) 
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) 
    at sun.security.ssl.Handshaker.processLoop(Unknown Source) 
    at sun.security.ssl.Handshaker.process_record(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) 
    at org.codehaus.cargo.container.tomcat.internal.TomcatManager.invoke(TomcatManager.java:534) 
    at org.codehaus.cargo.container.tomcat.internal.TomcatManager.list(TomcatManager.java:686) 
    at org.codehaus.cargo.container.tomcat.internal.TomcatManager.getStatus(TomcatManager.java:699) 
    at org.codehaus.cargo.container.tomcat.internal.AbstractTomcatManagerDeployer.redeploy(AbstractTomcatManagerDeployer.java:174) 
    ... 16 more 
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source) 
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) 
    at sun.security.validator.Validator.validate(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) 
    ... 31 more 
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source) 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) 
    at java.security.cert.CertPathBuilder.build(Unknown Source) 
    ... 37 more 
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.ssl.Alerts.getSSLException(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) 
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source) 
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) 
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) 
    at sun.security.ssl.Handshaker.processLoop(Unknown Source) 
    at sun.security.ssl.Handshaker.process_record(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) 
    at org.codehaus.cargo.container.tomcat.internal.TomcatManager.invoke(TomcatManager.java:534) 
    at org.codehaus.cargo.container.tomcat.internal.TomcatManager.list(TomcatManager.java:686) 
    at org.codehaus.cargo.container.tomcat.internal.TomcatManager.getStatus(TomcatManager.java:699) 
    at org.codehaus.cargo.container.tomcat.internal.AbstractTomcatManagerDeployer.redeploy(AbstractTomcatManagerDeployer.java:174) 
    at hudson.plugins.deploy.CargoContainerAdapter.deploy(CargoContainerAdapter.java:73) 
    at hudson.plugins.deploy.CargoContainerAdapter$1.invoke(CargoContainerAdapter.java:116) 
    at hudson.plugins.deploy.CargoContainerAdapter$1.invoke(CargoContainerAdapter.java:103) 
    at hudson.FilePath.act(FilePath.java:996) 
    at hudson.FilePath.act(FilePath.java:974) 
    at hudson.plugins.deploy.CargoContainerAdapter.redeploy(CargoContainerAdapter.java:103) 
    at hudson.plugins.deploy.DeployPublisher.perform(DeployPublisher.java:61) 
    at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45) 
    at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:779) 
    at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:720) 
    at hudson.model.Build$BuildExecution.post2(Build.java:186) 
    at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:665) 
    at hudson.model.Run.execute(Run.java:1753) 
    at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) 
    at hudson.model.ResourceController.execute(ResourceController.java:98) 
    at hudson.model.Executor.run(Executor.java:405) 
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source) 
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) 
    at sun.security.validator.Validator.validate(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) 
    ... 31 more 
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source) 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) 
    at java.security.cert.CertPathBuilder.build(Unknown Source) 
    ... 37 more 
Build step 'Deploy war/ear to a container' marked build as failure 
Finished: FAILURE

一些google搜索后,似乎原因是我们的证书无效,因为它不是真实的证书,而是自签名的证书。有没有办法让Jenkins部署呢?

我强烈建议在Jenkins中使用自签名证书时使用Skip Certificate Check Plugin。在某些情况下(听起来你的是其中之一),这是最不容易抵抗的最合乎逻辑的途径。

根据该插件的描述:

这是一个插件,它JVM旁路所有的HTTPS证书检查。如果您处理自签名证书等,方便。谨慎使用。

您只需安装插件;无需配置。

相关推荐