[JENKINS-13018] The IRC bot cannot connect over SSL to a server with a self-signed cert.

Type: Improvement
Resolution: Unresolved
Priority: Minor
Component/s: ircbot-plugin
Labels:
None

Similar Issues:
Powered by SuggestiMate

Show

The IRC Bot should have a checkbox that allows Jenkins to connect to servers using self-signed SSL certs. This is the error I'm seeing in the logs:

INFO: Jenkins is fully up and running
hudson.plugins.rake.Rvm@809791
Mar 7, 2012 8:33:30 PM hudson.plugins.im.IMConnectionProvider$ConnectorRunnable run
INFO: Trying to reconnect
Mar 7, 2012 8:33:30 PM hudson.plugins.ircbot.v2.IRCConnection connect
INFO: Connecting to irc.geoloqi.com:1337 as jenkins-bot using charset UTF-8
Mar 7, 2012 8:33:31 PM hudson.plugins.ircbot.v2.IRCConnection connect
WARNING: Error connecting to irc: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Mar 7, 2012 8:33:31 PM hudson.plugins.im.IMConnectionProvider$ConnectorRunnable run
INFO: Reconnect failed. Next connection attempt in 1 minutes

This would avoid having to do a hacky workaround like this:

http://www.erikzaadi.com/2011/09/09/connecting-jenkins-to-self-signed-certificated-servers/

kutzi added a comment - 2012-03-07 21:52

Well, I would consider adding the certificate to your keystore not as a 'workaround', but as the proper way to go but anyway I can have a look at it if time permits.

kutzi added a comment - 2012-03-07 21:52 Well, I would consider adding the certificate to your keystore not as a 'workaround', but as the proper way to go but anyway I can have a look at it if time permits.

Tristan Waddington added a comment - 2012-03-07 22:10 - edited

Hah, you're right of course. Unfortunately, it can be hard to come by the correct cert for some servers, especially ones you don't maintain yourself. This also seems to be a standard option for most IRC clients these days. Thanks!

Tristan Waddington added a comment - 2012-03-07 22:10 - edited Hah, you're right of course. Unfortunately, it can be hard to come by the correct cert for some servers, especially ones you don't maintain yourself. This also seems to be a standard option for most IRC clients these days. Thanks!

charles-erid dessart added a comment - 2012-07-17 16:07

Worked for me http://www.erikzaadi.com/2011/09/09/connecting-jenkins-to-self-signed-certificated-servers/

charles-erid dessart added a comment - 2012-07-17 16:07 Worked for me http://www.erikzaadi.com/2011/09/09/connecting-jenkins-to-self-signed-certificated-servers/

Assignee:: Unassigned

Reporter:: Tristan Waddington

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2012-03-07 21:31

Updated:: 2012-11-25 14:05

Jenkins

Details

Description

Attachments

Activity

Collapse comment: kutzi added a comment - 2012-03-07 21:52

Expand comment: kutzi added a comment - 2012-03-07 21:52

Collapse comment: Tristan Waddington added a comment - 2012-03-07 22:10, Edited by Tristan Waddington - 2012-03-07 22:11

Expand comment: Tristan Waddington added a comment - 2012-03-07 22:10, Edited by Tristan Waddington - 2012-03-07 22:11

Collapse comment: charles-erid dessart added a comment - 2012-07-17 16:07

Expand comment: charles-erid dessart added a comment - 2012-07-17 16:07

People

Dates