Details
-
Bug
-
Resolution: Fixed
-
Major
-
Jenkins ver. 2.204.5
swarm 3.18
-
-
3.19
Description
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <jenkins.xx.yy> doesn't match any of the subject alternative names: [jenkins.xx.yy, other_name.xx.yy]
at shaded.org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
at shaded.org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
at shaded.org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at shaded.org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at shaded.org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
at shaded.org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at shaded.org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at shaded.org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at shaded.org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at shaded.org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at shaded.org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at shaded.org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at hudson.plugins.swarm.SwarmClient.discoverFromMasterUrl(SwarmClient.java:142)
at hudson.plugins.swarm.Client.run(Client.java:150)
at hudson.plugins.swarm.Client.main(Client.java:128)
The fix seems to be available in httpclient 4.5.12 https://downloads.apache.org/httpcomponents/httpclient/RELEASE_NOTES-4.5.x.txt
The bug surfaced when I updated the agent machine last week and it pulled the new plugin.
Curl verifies the certificate fine, as do browsers
Attachments
Issue Links
- links to
