-
Story
-
Resolution: Not A Defect
-
Critical
I am trying to deploy jenkins on kubernetes when trying to install the plugins i get certificate error.
Infra Specs:
docker image: jenkins/jenkins:lts
Java Version:
jenkins@jenkins-master-7d8f6f7874-645x8:/$ java --version
openjdk 17.0.13 2024-10-15
OpenJDK Runtime Environment Temurin-17.0.13+11 (build 17.0.13+11)
OpenJDK 64-Bit Server VM Temurin-17.0.13+11 (build 17.0.13+11, mixed mode)
Image Id
docker.io/jenkins/jenkins@sha256:e728082cd6a2710840ef7d9fdcdc93408eb488aa05d10bc92f4454254e22cc4e
Error Logs:
Caused: java.io.IOException: Failed to download from https://updates.jenkins.io/download/plugins/opentelemetry-api/1.44.1.40.v93f5f8ca_42c3/opentelemetry-api.hpi → https://ftp.halifax.rwth-aachen.de/jenkins/plugins/opentelemetry-api/1.44.1.40.v93f5f8ca_42c3/opentelemetry-api.hpi
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1390)
at hudson.model.UpdateCenter$DownloadJob._run(UpdateCenter.java:2038)
at hudson.model.UpdateCenter$InstallationJob._run(UpdateCenter.java:2366)
at hudson.model.UpdateCenter$DownloadJob.run(UpdateCenter.java:2012)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at hudson.remoting.AtmostOneThreadExecutor$Worker.run(AtmostOneThreadExecutor.java:121)
at java.base/java.lang.Thread.run(Unknown Source)
2024-12-25 12:48:11.219+0000 [id=217] INFO h.model.UpdateCenter$DownloadJob#run: Starting the installation of database on behalf of deepak
2024-12-25 12:48:11.223+0000 [id=217] INFO h.m.UpdateCenter$UpdateCenterConfiguration#download: Downloading database
2024-12-25 12:48:11.973+0000 [id=217] SEVERE h.model.UpdateCenter$DownloadJob#run: Failed to install database
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at java.base/sun.security.validator.Validator.validate(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
Caused: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.followRedirect0(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1348)
Caused: java.io.IOException: Failed to load https://updates.jenkins.io/download/plugins/database/273.vc4781cc27e67/database.hpi to /var/jenkins_home/plugins/database.jpi.tmp
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1363)
Caused: java.io.IOException: Failed to download from https://updates.jenkins.io/download/plugins/database/273.vc4781cc27e67/database.hpi → https://ftp.belnet.be/mirror/jenkins/plugins/database/273.vc4781cc27e67/database.hpi
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1390)
at hudson.model.UpdateCenter$DownloadJob._run(UpdateCenter.java:2038)
at hudson.model.UpdateCenter$InstallationJob._run(UpdateCenter.java:2366)
at hudson.model.UpdateCenter$DownloadJob.run(UpdateCenter.java:2012)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at hudson.remoting.AtmostOneThreadExecutor$Worker.run(AtmostOneThreadExecutor.java:121)
at java.base/java.lang.Thread.run(Unknown Source)
Steps Taken to fix the issue but did not work:
1)Tried changing from https to http which did not work in advanced section of the plugin
2)tried using openssl to generate the cert from the site it is trying to reach and used keytool to import the cert which was successful but still faced the same issue when i tried to do an curl.