Jenkins with LDAPS for Authentication

277 views

Skip to first unread message

Nick T

unread,

Apr 1, 2015, 10:44:55 PM4/1/15

to jenkins...@googlegroups.com

I had this working on a previous Jenkins deployment, now I'm stumped. I imported my internal CA with the keytool. Once I did that I now get a new error. Has anyone ran into this problem?

[Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate secret]

Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate secret
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1894)
	at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1877)
	at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1803)
	at sun.security.ssl.AppInputStream.read(AppInputStream.java:116)
	at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
	at java.io.BufferedInputStream.read1(BufferedInputStream.java:286)
	at java.io.BufferedInputStream.read(BufferedInputStream.java:345)
	at com.sun.jndi.ldap.Connection.run(Connection.java:848)
	... 1 more
Caused by: java.lang.RuntimeException: Could not generate secret
	at sun.security.ssl.ECDHCrypt.getAgreedSecret(ECDHCrypt.java:98)
	at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1036)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:344)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:957)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:892)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
	at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:916)
	at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
	... 5 more
Caused by: java.security.InvalidKeyException: ECDH key agreement requires ECPublicKey for doPhase
	at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyAgreementSpi.engineDoPhase(Unknown Source)
	at javax.crypto.KeyAgreement.doPhase(KeyAgreement.java:552)
	at sun.security.ssl.ECDHCrypt.getAgreedSecret(ECDHCrypt.java:95)
	... 13 more

Nick T

unread,

Apr 1, 2015, 11:21:36 PM4/1/15

to jenkins...@googlegroups.com

I downgraded from Java 1.8 to 1.7 and it works now.

Reply all

Reply to author

Forward

0 new messages