-
Bug
-
Resolution: Not A Defect
-
Minor
-
None
-
jenkins version: 2.303.2
audit tail version: 3.10
When configuring the elasticsearch https endpoint for audit-trail plugin I receive this Warning:
2021-10-27 08:38:48.185+0000 [id=265] WARNING h.p.a.ElasticSearchAuditLogger#log: Audit event not sent to Elastic Search server: /configSubmit by admin from XXX.XXX.XXX.XXX - hudson.plugins.audit_trail.ElasticSearchAuditLogger$ElasticSearchSender@42fe55a5 sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The rights for the user used to push logs are ok, credentials ok, but I'm using self signed certificates for the elasticsearch cluster v7.11.2 OR it's requesting client certificates ? I don't understand the exact issue.
[JENKINS-66987] Audit Trail ignore self signed certificates for elasticsearch
screwyy sorry I wasn't assigned to the issue so I never received any notification. I guess you probably sorted things out since you opened this, but here are a few pointers.
Since you are using a self certificate for your ES cluster, you need to let the JVM running Jenkins know about this self signed certificate. The way to do that depends on your setup, but usually you would like to install the certificate to the JVM trustore. Here is a link explaining a bit the process: https://support.cloudbees.com/hc/en-us/articles/203821254.
Closing as this is a question about self signed certificate, not an issue with the plugin.
Admin information: moved this issue from "Infrastructure" to "Jenkins" project.