Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35389

Gerrit-Trigger cannot connect to gerrit Rest API though https (certificate error)

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Critical
    • Resolution: Unresolved
    • gerrit-trigger-plugin
    • None
    • Jenkins: 1.651.2
      gerrit-trigger-plugin: 2.21.0

    Description

      I have a nginx reverse proxy in front of many website to handle SSL certificates. So it using virtual host (by name), and one certificate for each virtual host. My gerrit running behind this reverse proxy.
      Gerrit has events-log plugin installed, and https certificate is signed by public CA root.

      Now when I config gerrit-trigger-plugin to talk to gerrit, it keep complaining SSLHandShake error because cannot recognize certificate.

      After many debug, I found that gerrit-trigger-plugin using deprecated HttpClient APIs, which cause gerrit-trigger-plugin connect to the IP instead of hostname to do handshake, so it getting wrong certificate.

      Attachments

        Activity

          Descending order - Click to sort in ascending order
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Robert Sandell
          Path:
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java
          http://jenkins-ci.org/commit/gerrit-trigger-plugin/cf7401aad7a278961341952320570e105bf24dbc
          Log:
          Merge pull request #287 from Noodle05/master

          JENKINS-35389:

          Compare: https://github.com/jenkinsci/gerrit-trigger-plugin/compare/33957ae997ed...cf7401aad7a2

          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Robert Sandell Path: src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java http://jenkins-ci.org/commit/gerrit-trigger-plugin/cf7401aad7a278961341952320570e105bf24dbc Log: Merge pull request #287 from Noodle05/master JENKINS-35389 : Compare: https://github.com/jenkinsci/gerrit-trigger-plugin/compare/33957ae997ed...cf7401aad7a2
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Wei Gao
          Path:
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java
          http://jenkins-ci.org/commit/gerrit-trigger-plugin/0e0d38b8402625f567a0a0f2d1b08a73ed421078
          Log:
          JENKINS-35389: Use deprecated API will cause getting wrong certificate from gerrit https url.

          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Wei Gao Path: src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java http://jenkins-ci.org/commit/gerrit-trigger-plugin/0e0d38b8402625f567a0a0f2d1b08a73ed421078 Log: JENKINS-35389 : Use deprecated API will cause getting wrong certificate from gerrit https url.
          weigao Wei Gao added a comment -

          Generated by "git diff" command

          weigao Wei Gao added a comment - Generated by "git diff" command
          weigao Wei Gao added a comment -

          Here is a fix diff. I don't know checkin process, so just attach the patch here.

          weigao Wei Gao added a comment - Here is a fix diff. I don't know checkin process, so just attach the patch here.

          People

            rsandell rsandell
            weigao Wei Gao
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: