Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60896

Vault Plugin SunCertPathBuilderException for Custom CA. Unclear which cacerts to modify.

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • hashicorp-vault-plugin

      I've verified that adding the internal certs necessary to the file $JAVA_HOME/jre/lib/security/cacerts, which is what was suggested on the Stackoverflow link, works with SSLPoke.

      But the vault plugin doesn't seem to use this cert bundle. So I tried making one in the suggested directory on the 3.0.0 release page which is $JAVA_HOME/lib/jre/cacerts and verified the contents work with SSLPoke. But that also doesn't work for the plugin.

      I'm willing to send more debugging information if it's needed.

          [JENKINS-60896] Vault Plugin SunCertPathBuilderException for Custom CA. Unclear which cacerts to modify.

          It is not the agents that authenticates against Vault it is your Jenkins master.

          So you should add the certificate to the Jenkins master certificate store.

          Joseph Petersen (old) added a comment - It is not the agents that authenticates against Vault it is your Jenkins master. So you should add the certificate to the Jenkins master certificate store.

            ptierno Peter Tierno
            9lives5nines Diana Arrieta
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: