Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-63265

Jenkins throws connection error for valid github app credentials

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      github-branch-source-2.9.0

      Description

      If your github app private key contains these 3 letters - "RSA", Jenkins wrongly identifies it as PKCS#1 format key and throws the below error.
      “Private key must be a PKCS#8 formatted string, to convert it from PKCS#1 use: openssl pkcs8 -topk8 -inform PEM -outform PEM -in current-key.pem -out new-key.pem -nocrypt”

       

      The problem is with the code https://github.com/jenkinsci/github-branch-source-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github_branch_source/JwtHelper.java#L63.
      I believe the code should either check for the complete string “BEGIN RSA PRIVATE KEY” or just the RSA word with spaces - “ RSA “.

        Attachments

          Activity

          prabinbanka Prabin Banka created issue -
          prabinbanka Prabin Banka made changes -
          Field Original Value New Value
          Description If your github app private key contain a word named "RSA", Jenkins wrongly identifies it as PKCS#1 format key and throws the below error.
           “Private key must be a PKCS#8 formatted string, to convert it from PKCS#1 use: openssl pkcs8 -topk8 -inform PEM -outform PEM -in current-key.pem -out new-key.pem -nocrypt”

           

          The problem is with the code [https://github.com/jenkinsci/github-branch-source-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github_branch_source/JwtHelper.java#L63].
           I believe the code should either check for the complete string “BEGIN RSA PRIVATE KEY” or just the RSA word with spaces - “ RSA “.
          If your github app private key contains these 3 letters - "RSA", Jenkins wrongly identifies it as PKCS#1 format key and throws the below error.
           “Private key must be a PKCS#8 formatted string, to convert it from PKCS#1 use: openssl pkcs8 -topk8 -inform PEM -outform PEM -in current-key.pem -out new-key.pem -nocrypt”

           

          The problem is with the code [https://github.com/jenkinsci/github-branch-source-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github_branch_source/JwtHelper.java#L63].
           I believe the code should either check for the complete string “BEGIN RSA PRIVATE KEY” or just the RSA word with spaces - “ RSA “.
          prabinbanka Prabin Banka made changes -
          Status Open [ 1 ] In Progress [ 3 ]
          bitwiseman Liam Newman made changes -
          Resolution Fixed [ 1 ]
          Status In Progress [ 3 ] Fixed but Unreleased [ 10203 ]
          bitwiseman Liam Newman made changes -
          Released As github-branch-source-2.9.0
          Status Fixed but Unreleased [ 10203 ] Closed [ 6 ]

            People

            Assignee:
            prabinbanka Prabin Banka
            Reporter:
            prabinbanka Prabin Banka
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: