-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
This is running on Mac OS X 10.8.4
Campfire recently changed their SSL configuration to a new set of preferred ciphers and this plugin randomly fails with the following exception:
ERROR: Publisher hudson.plugins.campfire.CampfireNotifier aborted due to exception
java.lang.RuntimeException: javax.net.ssl.SSLProtocolException: Server returned wrong cipher suite for session
at hudson.plugins.campfire.Campfire.post(Campfire.java:77)
at hudson.plugins.campfire.Room.speak(Room.java:29)
at hudson.plugins.campfire.CampfireNotifier.publish(CampfireNotifier.java:121)
at hudson.plugins.campfire.CampfireNotifier.perform(CampfireNotifier.java:184)
at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:782)
at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:754)
at hudson.model.Build$BuildExecution.post2(Build.java:183)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:707)
at hudson.model.Run.execute(Run.java:1628)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:246)
Caused by: javax.net.ssl.SSLProtocolException: Server returned wrong cipher suite for session
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHello(ClientHandshaker.java:438)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:125)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:654)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:100)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.methods.StringRequestEntity.writeRequest(StringRequestEntity.java:146)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at hudson.plugins.campfire.Campfire.post(Campfire.java:75)
... 12 more
[JENKINS-19590] Campfire Plugin failing SSL check after upgrading Jenkins to latest 1.530
Toland Hon
created issue -
Toland Hon
added a comment - Nevermind. That didn't fix it. Also tried adding to Java's cacert keystore and that didnt work either.
Toland Hon
added a comment - Nevermind. That didn't fix it. Also tried adding to Java's cacert keystore and that didnt work either. 
Coleman
added a comment - Seems unrelated to Mac OS X. We are running into this issue as well on Linux since upgrading Jenkins to 1.530+.
We are now unable to use the campfire plugin as non-SSL does not work for us (separate issue it seems).
I also tried adding the campfire cert to the global keystore but that did not fix the issue.
keytool -list | grep campfire
*.campfire.com, Sep 19, 2013, trustedCertEntry,
Coleman
added a comment - Seems unrelated to Mac OS X. We are running into this issue as well on Linux since upgrading Jenkins to 1.530+.
We are now unable to use the campfire plugin as non-SSL does not work for us (separate issue it seems).
I also tried adding the campfire cert to the global keystore but that did not fix the issue.
keytool -list | grep campfire
*.campfire.com, Sep 19, 2013, trustedCertEntry, Coleman
added a comment - This offer is registered on FreedomSponsors (http://www.freedomsponsors.org/core/issue/352/campfire-plugin-failing-ssl-check-after-upgrading-jenkins-to-latest-1530).
If you solve it (according to the acceptance criteria described there), please register on FreedomSponsors and mark it as resolved there
I'll then check it out and gladly pay up!
Oh, and if anyone else also wants throw in a few bucks on this, you should check out FreedomSponsors!
Coleman
added a comment - This offer is registered on FreedomSponsors ( http://www.freedomsponsors.org/core/issue/352/campfire-plugin-failing-ssl-check-after-upgrading-jenkins-to-latest-1530 ).
If you solve it (according to the acceptance criteria described there), please register on FreedomSponsors and mark it as resolved there
I'll then check it out and gladly pay up!
Oh, and if anyone else also wants throw in a few bucks on this, you should check out FreedomSponsors! Toland Hon
added a comment - I'm not sure if this matters, but we've tried reverting back to jenkins 1.519 as well as trying jenkins-lts (1.509.3), but the campfire plugin still gave the same error.
Toland Hon
added a comment - I'm not sure if this matters, but we've tried reverting back to jenkins 1.519 as well as trying jenkins-lts (1.509.3), but the campfire plugin still gave the same error. Coleman
added a comment - It appears we are mirroring each other.
I just tried the same thing (reverting to 1.509.3) and got the same error with the campfire plugin.
Coleman
added a comment - It appears we are mirroring each other.
I just tried the same thing (reverting to 1.509.3) and got the same error with the campfire plugin. Toland Hon
added a comment - I got a response from 37Signals / Campfire when I inquired if there was any SSL configuration changes:
--------------------
Hi there!
Thanks for getting in touch and happy Friday!
Sorry to hear that you're having some trouble with the API. We recently changed our preferred ciphers to prefer a variant that's more secure.
If you try updating the jdk version, that should then work fine for you.
I hope this helps, but please feel free to give me a shout if you need any more help!
Have a great Friday and an awesome weekend!
Chris Joyce
37signals Customer Support
Manchester, UK (2am - 11am CST)
--------------------
Toland Hon
added a comment - I got a response from 37Signals / Campfire when I inquired if there was any SSL configuration changes:
--------------------
Hi there!
Thanks for getting in touch and happy Friday!
Sorry to hear that you're having some trouble with the API. We recently changed our preferred ciphers to prefer a variant that's more secure.
If you try updating the jdk version, that should then work fine for you.
I hope this helps, but please feel free to give me a shout if you need any more help!
Have a great Friday and an awesome weekend!
Chris Joyce
37signals Customer Support
Manchester, UK (2am - 11am CST)
-------------------- Coleman
added a comment - I updated the JRE version from 1.6 to 1.7 (1.7.0_25-mockbuild_2013_07_01_09_31-b00) and now get this error
ERROR: Publisher hudson.plugins.campfire.CampfireNotifier aborted due to exception java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake at hudson.plugins.campfire.Campfire.post(Campfire.java:77) at hudson.plugins.campfire.Room.speak(Room.java:29) at hudson.plugins.campfire.CampfireNotifier.publish(CampfireNotifier.java:121) at hudson.plugins.campfire.CampfireNotifier.perform(CampfireNotifier.java:184) at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:782) at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:754) at hudson.model.Build$BuildExecution.post2(Build.java:183) at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:707) at hudson.model.Run.execute(Run.java:1629) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46) at hudson.model.ResourceController.execute(ResourceController.java:88) at hudson.model.Executor.run(Executor.java:246) Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at org.apache.commons.httpclient.methods.StringRequestEntity.writeRequest(StringRequestEntity.java:146) at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at hudson.plugins.campfire.Campfire.post(Campfire.java:75) ... 12 more Caused by: java.io.EOFException: SSL peer shut down incorrectly at sun.security.ssl.InputRecord.read(InputRecord.java:482) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) ... 26 more
Coleman
added a comment - I updated the JRE version from 1.6 to 1.7 (1.7.0_25-mockbuild_2013_07_01_09_31-b00) and now get this error
CampfireError
ERROR: Publisher hudson.plugins.campfire.CampfireNotifier aborted due to exception
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at hudson.plugins.campfire.Campfire.post(Campfire.java:77)
at hudson.plugins.campfire.Room.speak(Room.java:29)
at hudson.plugins.campfire.CampfireNotifier.publish(CampfireNotifier.java:121)
at hudson.plugins.campfire.CampfireNotifier.perform(CampfireNotifier.java:184)
at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:782)
at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:754)
at hudson.model.Build$BuildExecution.post2(Build.java:183)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:707)
at hudson.model.Run.execute(Run.java:1629)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:246)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at org.apache.commons.httpclient.methods.StringRequestEntity.writeRequest(StringRequestEntity.java:146)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at hudson.plugins.campfire.Campfire.post(Campfire.java:75)
... 12 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(InputRecord.java:482)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
... 26 more
I believe this was caused by a recent Java update that Apple pushed down.
The error above happens when Java tries to prompt the user to accept some new security changes or trust the certificate, but since Jenkins has no UI, it just crashes with the above exception.
To fix it, download the SSL certificate and import it into System > Certificates on your machine's keychain.