- Bug
- Resolution: Unresolved
- Minor
Jenkins Version: 2.204.1-cb-2
HashiCorp Vault Plugin: 3.0.0
OS: 4.19.86-coreos, via https://hub.docker.com/r/jenkins/jnlp-slave/
Java Version on Agent: openjdk version "1.8.0_232"
I've verified that adding the necessary internal certs to the file $JAVA_HOME/jre/lib/security/cacerts, which is what was suggested on the Stack Overflow link, works with SSLPoke.
But the Vault plugin doesn't seem to use this cert bundle. So I tried making one in the directory suggested on the 3.0.0 release page, which is $JAVA_HOME/lib/jre/cacerts, and verified the contents work with SSLPoke. But that also doesn't work for the plugin.
I'm willing to send more debugging information if it's needed.
[JENKINS-60896] Vault Plugin SunCertPathBuilderException for Custom CA. Unclear which cacerts to modify.
Comment: The cert has to be added on the Jenkins master.
It is not the agents that authenticate against Vault; it is your Jenkins master.
So you should add the certificate to the Jenkins master certificate store.
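
To find which file that is on the Jenkins master, the following added example (not from the issue or the plugin; `resolve_truststore` and its arguments are hypothetical names) applies the standard JSSE default trust store lookup order to a `JAVA_HOME` and the JVM arguments of the master process.

```shell
# Added example, not from the issue. Function name and arguments are
# hypothetical; the lookup order is the standard JSSE default.
# usage: resolve_truststore <JAVA_HOME> [JVM arguments of the master process]
resolve_truststore() {
    rt_home=$1
    rt_found=
    # 1. -Djavax.net.ssl.trustStore=<path> replaces every default file.
    #    If it is given more than once, the last occurrence wins.
    #    (Arguments are split on whitespace, so paths with spaces are not handled.)
    for rt_arg in ${2:-}; do
        case $rt_arg in
            -Djavax.net.ssl.trustStore=*)
                rt_found=${rt_arg#-Djavax.net.ssl.trustStore=} ;;
        esac
    done
    if [ -n "$rt_found" ]; then
        printf '%s\n' "$rt_found"
        return 0
    fi
    # 2. Otherwise the JVM reads <java.home>/lib/security. On a Java 8 JDK
    #    java.home is $JAVA_HOME/jre; on a JRE or Java 9+ it is $JAVA_HOME.
    if [ -d "$rt_home/jre/lib/security" ]; then
        rt_dir=$rt_home/jre/lib/security
    else
        rt_dir=$rt_home/lib/security
    fi
    # 3. jssecacerts, when it exists, is used instead of cacerts.
    for rt_name in jssecacerts cacerts; do
        if [ -f "$rt_dir/$rt_name" ]; then
            printf '%s\n' "$rt_dir/$rt_name"
            return 0
        fi
    done
    return 1   # no trust store file found under this JAVA_HOME
}
```

Run it with the master's `JAVA_HOME` and the arguments its JVM was started with; the file it prints can then be inspected with `keytool -list -keystore <file>` to confirm the internal CA is present.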