Windows Agent can't connect to Master through JNLP

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Blocker
    • Component/s: remoting
    • Environment:
      Jenkins Core 2.32.2.7 running on RHEL 6.8 with JDK 8u121
      Windows Slaves Plugin 1.3.1
      Windows Server 2012 with latest patches and JDK 8u121
      Apache Reverse Proxy with "nocanon" option set

      When executing 

      java -Xmx1g -jar slave.jar -jnlpUrl http://dfvvt01seuops.somebank.somenet/jenkins-iteb/computer/DFVIASTWHUDSON2/slave-agent.jnlp

      I get

      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main createEngine
      INFORMATION: Setting up slave: DFVIASTWHUDSON2
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener <init>
      INFORMATION: Jenkins agent is running in headless mode.
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Locating server among http://dfvvt01seuops.somebank.somenet/jenkins-iteb/
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Agent discovery successful
      {{ Agent address: dfvvt01seuops.somebank.somenet}}
      {{ Agent port: 50000}}
      {{ Identity: 13:74:a6:18:f1:96:9c:cb:69:57:26:b1:a2:17:f2:c9}}
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Handshaking
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Connecting to dfvvt01seuops.somebank.somenet:50000
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Trying protocol: JNLP4-connect
      Mõr 30, 2017 9:29:36 AM org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer onRecv
      SCHWERWIEGEND: [JNLP4-connect connection to dfvvt01seuops.somebank.somenet/10.241.209.26:50000]
      javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      {{ at sun.security.ssl.Handshaker.checkThrown(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.writeAppRecord(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.wrap(Unknown Source)}}
      {{ at javax.net.ssl.SSLEngine.wrap(Unknown Source)}}
      {{ at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.processRead(SSLEngineFilterLayer.java:392)}}
      {{ at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.onRecv(SSLEngineFilterLayer.java:117)}}
      {{ at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecv(ProtocolStack.java:669)}}
      {{ at org.jenkinsci.remoting.protocol.NetworkLayer.onRead(NetworkLayer.java:136)}}
      {{ at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer.access$2200(BIONetworkLayer.java:48)}}
      {{ at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader.run(BIONetworkLayer.java:283)}}
      {{ at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)}}
      {{ at hudson.remoting.Engine$1$1.run(Engine.java:94)}}
      {{ at java.lang.Thread.run(Unknown Source)}}
      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      {{ at sun.security.ssl.Alerts.getSSLException(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker.fatalSE(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker.fatalSE(Unknown Source)}}
      {{ at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)}}
      {{ at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker.processLoop(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker$1.run(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker$1.run(Unknown Source)}}
      {{ at java.security.AccessController.doPrivileged(Native Method)}}
      {{ at sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source)}}
      {{ at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.processRead(SSLEngineFilterLayer.java:382)}}
      {{ ... 9 more}}
      Caused by: java.security.cert.CertificateException: Public key of the first certificate in chain (subject: C=US, OU=jenkins.io, O=instances, CN=74df086770b5c378864b03273a8576ae) is
      {{ not in the list of trusted keys}}
      {{ at org.jenkinsci.remoting.protocol.cert.PublicKeyMatchingX509ExtendedTrustManager.checkPublicKey(PublicKeyMatchingX509ExtendedTrustManager.java:216)}}
      {{ at org.jenkinsci.remoting.protocol.cert.PublicKeyMatchingX509ExtendedTrustManager.checkServerTrusted(PublicKeyMatchingX509ExtendedTrustManager.java:263)}}
      {{ at org.jenkinsci.remoting.protocol.cert.DelegatingX509ExtendedTrustManager.checkServerTrusted(DelegatingX509ExtendedTrustManager.java:148)}}
      {{ ... 17 more}}Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Protocol JNLP4-connect encountered an unexpected exception
      java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      {{ at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)}}
      {{ at hudson.remoting.Engine.innerRun(Engine.java:385)}}
      {{ at hudson.remoting.Engine.run(Engine.java:287)}}
      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      {{ at sun.security.ssl.Handshaker.checkThrown(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.writeAppRecord(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.wrap(Unknown Source)}}
      {{ at javax.net.ssl.SSLEngine.wrap(Unknown Source)}}
      {{ at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.processRead(SSLEngineFilterLayer.java:392)}}
      {{ at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.onRecv(SSLEngineFilterLayer.java:117)}}
      {{ at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecv(ProtocolStack.java:669)}}
      {{ at org.jenkinsci.remoting.protocol.NetworkLayer.onRead(NetworkLayer.java:136)}}
      {{ at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer.access$2200(BIONetworkLayer.java:48)}}
      {{ at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader.run(BIONetworkLayer.java:283)}}
      {{ at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)}}
      {{ at hudson.remoting.Engine$1$1.run(Engine.java:94)}}
      {{ at java.lang.Thread.run(Unknown Source)}}
      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      {{ at sun.security.ssl.Alerts.getSSLException(Unknown Source)}}
      {{ at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker.fatalSE(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker.fatalSE(Unknown Source)}}
      {{ at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)}}
      {{ at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker.processLoop(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker$1.run(Unknown Source)}}
      {{ at sun.security.ssl.Handshaker$1.run(Unknown Source)}}
      {{ at java.security.AccessController.doPrivileged(Native Method)}}
      {{ at sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source)}}
      {{ at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.processRead(SSLEngineFilterLayer.java:382)}}
      {{ ... 9 more}}
      Caused by: java.security.cert.CertificateException: Public key of the first certificate in chain (subject: C=US, OU=jenkins.io, O=instances, CN=74df086770b5c378864b03273a8576ae) is
      {{ not in the list of trusted keys}}
      {{ at org.jenkinsci.remoting.protocol.cert.PublicKeyMatchingX509ExtendedTrustManager.checkPublicKey(PublicKeyMatchingX509ExtendedTrustManager.java:216)}}
      {{ at org.jenkinsci.remoting.protocol.cert.PublicKeyMatchingX509ExtendedTrustManager.checkServerTrusted(PublicKeyMatchingX509ExtendedTrustManager.java:263)}}
      {{ at org.jenkinsci.remoting.protocol.cert.DelegatingX509ExtendedTrustManager.checkServerTrusted(DelegatingX509ExtendedTrustManager.java:148)}}
      {{ ... 17 more}}Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Connecting to dfvvt01seuops.somebank.somenet:50000
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Server reports protocol JNLP4-plaintext not supported, skipping
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Trying protocol: JNLP3-connect
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Protocol JNLP3-connect encountered an unexpected exception
      java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: JNLP3-connect: Incorrect challenge response from master
      {{ at java.util.concurrent.FutureTask.report(Unknown Source)}}
      {{ at java.util.concurrent.FutureTask.get(Unknown Source)}}
      {{ at hudson.remoting.Engine.innerRun(Engine.java:385)}}
      {{ at hudson.remoting.Engine.run(Engine.java:287)}}
      Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: JNLP3-connect: Incorrect challenge response from master
      {{ at org.jenkinsci.remoting.engine.JnlpProtocol3Handler.sendHandshake(JnlpProtocol3Handler.java:213)}}
      {{ at org.jenkinsci.remoting.engine.JnlpProtocol3Handler.sendHandshake(JnlpProtocol3Handler.java:123)}}
      {{ at org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler$2.call(LegacyJnlpProtocolHandler.java:162)}}
      {{ at org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler$2.call(LegacyJnlpProtocolHandler.java:158)}}
      {{ at java.util.concurrent.FutureTask.run(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)}}
      {{ at hudson.remoting.Engine$1$1.run(Engine.java:94)}}
      {{ at java.lang.Thread.run(Unknown Source)}}Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Connecting to dfvvt01seuops.somebank.somenet:50000
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Trying protocol: JNLP2-connect
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Protocol JNLP2-connect encountered an unexpected exception
      java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Server didn't accept the handshake:
      {{ at java.util.concurrent.FutureTask.report(Unknown Source)}}
      {{ at java.util.concurrent.FutureTask.get(Unknown Source)}}
      {{ at hudson.remoting.Engine.innerRun(Engine.java:385)}}
      {{ at hudson.remoting.Engine.run(Engine.java:287)}}
      Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Server didn't accept the handshake:
      {{ at org.jenkinsci.remoting.engine.JnlpProtocol2Handler.sendHandshake(JnlpProtocol2Handler.java:134)}}
      {{ at org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler$2.call(LegacyJnlpProtocolHandler.java:162)}}
      {{ at org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler$2.call(LegacyJnlpProtocolHandler.java:158)}}
      {{ at java.util.concurrent.FutureTask.run(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)}}
      {{ at hudson.remoting.Engine$1$1.run(Engine.java:94)}}
      {{ at java.lang.Thread.run(Unknown Source)}}Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Connecting to dfvvt01seuops.somebank.somenet:50000
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Trying protocol: JNLP-connect
      Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener status
      INFORMATION: Protocol JNLP-connect encountered an unexpected exception
      java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Server didn't accept the handshake:
      {{ at java.util.concurrent.FutureTask.report(Unknown Source)}}
      {{ at java.util.concurrent.FutureTask.get(Unknown Source)}}
      {{ at hudson.remoting.Engine.innerRun(Engine.java:385)}}
      {{ at hudson.remoting.Engine.run(Engine.java:287)}}
      Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Server didn't accept the handshake:
      {{ at org.jenkinsci.remoting.engine.JnlpProtocol1Handler.sendHandshake(JnlpProtocol1Handler.java:121)}}
      {{ at org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler$2.call(LegacyJnlpProtocolHandler.java:162)}}
      {{ at org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler$2.call(LegacyJnlpProtocolHandler.java:158)}}
      {{ at java.util.concurrent.FutureTask.run(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)}}
      {{ at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)}}
      {{ at hudson.remoting.Engine$1$1.run(Engine.java:94)}}
      {{ at java.lang.Thread.run(Unknown Source)}}Mõr 30, 2017 9:29:36 AM hudson.remoting.jnlp.Main$CuiListener error
      SCHWERWIEGEND: The server rejected the connection: None of the protocols were accepted
      java.lang.Exception: The server rejected the connection: None of the protocols were accepted
      {{ at hudson.remoting.Engine.onConnectionRejected(Engine.java:484)}}
      {{ at hudson.remoting.Engine.innerRun(Engine.java:448)}}
      {{ at hudson.remoting.Engine.run(Engine.java:287)}} 

      I don't care for the JNLP3 and JNLP4 issues right now (because I don't need encryption at the moment), but I would expect at least JNLP2 to work. Looks like JENKINS-39232 is not fixed after all.

      Related: JENKINS-39232, JENKINS-40668

        1. image-2018-09-19-12-09-33-563.png
          image-2018-09-19-12-09-33-563.png
          42 kB
        2. jenkins-43210-issue.txt
          9 kB

            Assignee:
            bcygan
            Reporter:
            bcygan
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Archived: