Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-72249

can not connect JNLP4 agents to controller with BC-FIPS configured

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • instance-identity-module
    • None
    • JVM with BouncyCastle-FIPS installed.
    • instance-identity:185.v303dc7c645f9

      when the JVM is configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatibility between the classes in the fips and non fips variety of bouncycastle.

      Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
 at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
 at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
 at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
 at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
 at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
 at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
 at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
 at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
 at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
 at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276)

          [JENKINS-72249] can not connect JNLP4 agents to controller with BC-FIPS configured

          James Nord created issue -
          Daniel Beck made changes -
          Description Original: when the JVMis configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatability between the classes in the fips and non fips variety.


          {code:java}
          Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
          Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
          java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
           at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
           at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
          Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
           at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
           at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276) {code}           		New: when the JVMis configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatibility between the classes in the fips and non fips variety.
          {code:java}
          Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
          Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
          java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
           at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
           at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
          Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
           at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
           at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276) {code}
          Daniel Beck made changes -
          Description Original: when the JVMis configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatibility between the classes in the fips and non fips variety.
          {code:java}
          Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
          Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
          java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
           at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
           at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
          Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
           at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
           at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276) {code}           		New: when the JVM is configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatibility between the classes in the fips and non fips variety.
          {code:java}
          Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
          Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
          java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
           at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
           at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
          Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
           at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
           at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276) {code}
          James Nord made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          James Nord made changes -
          Status Original: In Progress [ 3 ] New: In Review [ 10005 ]
          James Nord made changes -
          Remote Link New: This issue links to "PR#102 (Web Link)" [ 29003 ]
          James Nord made changes -
          Description Original: when the JVM is configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatibility between the classes in the fips and non fips variety.
          {code:java}
          Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
          Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
          java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
           at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
           at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
          Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
           at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
           at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276) {code}           		New: when the JVM is configured to use bouncycastle-fips the agents can not connect to JNLP-4 based remoting due to an incompatibility between the classes in the fips and non fips variety of bouncycastle.
          {code:java}
          Oct 24, 2023 2:03:26 PM INFO jenkins.model.identity.InstanceIdentityProvider$KeyTypes getCertificate
          Encountered an error while consulting instance identity provider org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider@5b8b62a0
          java.lang.ClassNotFoundException: org.bouncycastle.crypto.params.AsymmetricKeyParameter
           at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476)
           at jenkins.util.URLClassLoader2.findClass(URLClassLoader2.java:35)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:594)
           at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:527)
          Caused: java.lang.NoClassDefFoundError: org/bouncycastle/crypto/params/AsymmetricKeyParameter
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentity.getCertificate(InstanceIdentity.java:163)
           at org.jenkinsci.main.modules.instance_identity.InstanceIdentityRSAProvider.getCertificate(InstanceIdentityRSAProvider.java:48)
           at jenkins.model.identity.InstanceIdentityProvider$KeyTypes.getCertificate(InstanceIdentityProvider.java:299)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.init(JnlpSlaveAgentProtocol4.java:86)
           at jenkins.slaves.JnlpSlaveAgentProtocol4.handle(JnlpSlaveAgentProtocol4.java:158)
           at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:276) {code}
          James Nord made changes -
          Released As New: 185.v303dc7c645f9
          Resolution New: Fixed [ 1 ]
          Status Original: In Review [ 10005 ] New: Resolved [ 5 ]
          James Nord made changes -
          Released As Original: 185.v303dc7c645f9 New: instance-identity:185.v303dc7c645f9
          James Nord made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]

            teilo James Nord
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: