How to user CLI, but ignore SSL issues
274 zobrazení
Přeskočit na první nepřečtenou zprávu
MPechner
27. 10. 2011 15:43:5327.10.11
komu: Jenkins Users
Our internal certificates are untrusted. I always have to add the
exception on the browser. So I get a failure. Is there a java option,
cli jar option or keystore method to for the certificates to be
ignored?
I exported the certificate from firefox as a der and tried importing
it to ~/.keystore as well as the cacerts file under JAVA_HOME.
Neither work.
We renew out certificates annually, so these have to be re installed
every year. So the builds will break once a year. right now I am
just evaluating jenkins to see if it is better than Parabuild.
Anyone run into this? Most everything I read assume I am an engineer
writing code, instead of a user trying to run a command.
The ports and hostnames have been changed to protect the innocent :-D
Error:
mpechner-mbp:~ michael.pechner$ java -jar jenkins-cli.jar -s
https://HIDEME.onlive.com:8888/jenkins help
Exception in thread "main" java.io.IOException: Failed to connect to
https://HIDEME.onlive.com:8888/jenkins/
at hudson.cli.CLI.getCliTcpPort(CLI.java:153)
at hudson.cli.CLI.<init>(CLI.java:94)
at hudson.cli.CLI.<init>(CLI.java:83)
at hudson.cli.CLI._main(CLI.java:267)
at hudson.cli.CLI.main(CLI.java:216)
Caused by: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No subject alternative DNS
name matching builda01.pao529.onlive.com found.
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:
174)
exception on the browser. So I get a failure. Is there a java option,
cli jar option or keystore method to for the certificates to be
ignored?
I exported the certificate from firefox as a der and tried importing
it to ~/.keystore as well as the cacerts file under JAVA_HOME.
Neither work.
We renew out certificates annually, so these have to be re installed
every year. So the builds will break once a year. right now I am
just evaluating jenkins to see if it is better than Parabuild.
Anyone run into this? Most everything I read assume I am an engineer
writing code, instead of a user trying to run a command.
The ports and hostnames have been changed to protect the innocent :-D
Error:
mpechner-mbp:~ michael.pechner$ java -jar jenkins-cli.jar -s
https://HIDEME.onlive.com:8888/jenkins help
Exception in thread "main" java.io.IOException: Failed to connect to
https://HIDEME.onlive.com:8888/jenkins/
at hudson.cli.CLI.getCliTcpPort(CLI.java:153)
at hudson.cli.CLI.<init>(CLI.java:94)
at hudson.cli.CLI.<init>(CLI.java:83)
at hudson.cli.CLI._main(CLI.java:267)
at hudson.cli.CLI.main(CLI.java:216)
Caused by: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No subject alternative DNS
name matching builda01.pao529.onlive.com found.
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:
174)
Brian Parker
4. 11. 2011 9:25:2104.11.11
komu: jenkins...@googlegroups.com
If you need command line access to the API from other hosts, then I don't have a solution. We allow access to Jenkins via http when from localhost, so that we can script (from localhost).
Cheers,
Brian
Odpovědět všem
Odpověď autorovi
Přeposlat
0 nových zpráv