Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-26045

Connecting to Remote WAS 7 Network Deployment errors

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: Minor Minor
    • websphere-deployer-plugin
    • None
    • Using Websphere 7 with network deployment
      Jenkins latest with Sun JRE

      Any help would be greatly appreciated.

      I am getting the following error where I can't connect to the remote port on SOAP port 8879. This appears to be certificate issues. I created extracted the certificates for 9043 and 8879. I used I have many combinations of creating a separate jssecerts,

      Batch file
      E:\AppDevelopment\jdk\IBM\jdk60\bin\java.exe InstallCert server:9043
      pause
      E:\AppDevelopment\jdk\IBM\jdk60\bin\java.exe InstallCert server:8879

      pause

      echo LIST Trust store certs to get the alias names
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -list -storepass WebAS -v -keystore "E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks" > DummyClientTrustFilecertList.txt

      echo list of alias: "thawte personal freemail ca" "new websphere dummy client" "new websphere dummy server" "default_signer" "thawte personal basic ca" "rsa secure server certification authority" "thawte premium server ca"
      echo "verisign class 1 public primary certification authority" "thawte server ca"
      pause
      echo EXPORT CERTS
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte personal freemail ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawtepersonalfreemailca.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "new websphere dummy client" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file newwebspheredummyclient.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "new websphere dummy server" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file newwebspheredummyserver.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "default_signer" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file default_signer.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte personal basic ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawtepersonalbasicca.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "rsa secure server certification authority" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file rsasecureservercertificationauthority.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte premium server ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawtepremiumserverca.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "verisign class 1 public primary certification authority" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file verisignclass1publicprimarycertificationauthority.crt
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte server ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawteserverca.crt

      echo IMPORT CERTS
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte personal freemail ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawtepersonalfreemailca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "new websphere dummy client" -file E:\AppDevelopment\Process\WAS_Deploy\newwebspheredummyclient.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "new websphere dummy server" -file E:\AppDevelopment\Process\WAS_Deploy\newwebspheredummyserver.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "default_signer" -file E:\AppDevelopment\Process\WAS_Deploy\default_signer.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte personal basic ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawtepersonalbasicca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "rsa secure server certification authority" -file E:\AppDevelopment\Process\WAS_Deploy\rsasecureservercertificationauthority.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte premium server ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawtepremiumserverca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "verisign class 1 public primary certification authority" -file E:\AppDevelopment\Process\WAS_Deploy\verisignclass1publicprimarycertificationauthority.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte server ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawteserverca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts

      echo LIST CERTS
      call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -list -storepass changeit -v -keystore "E:\AppDevelopment\Process\WAS_Deploy\cacerts" > newCacerts

      I updated jenkins.xml to include some runtime helpers
      <arguments>-Xrs -Xmx256m -Djavax.net.debug=ssl -Djava.util.logging.loglevel=ALL -Dcom.ibm.SOAP.ConfigURL=file:"E:/Program Files (x86)/Jenkins/Websphere/soap.client.props" -Dcom.ibm.SSL.ConfigURL=file:"E:/Program Files (x86)/Jenkins/Websphere/ssl.client.props" -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%\jenkins.war" --httpPort=8080</arguments>

      The test connection and the build job fail with the same message.. Ironically I was able to get it to go further and connect, but when I came in the next morning it wasn't working again.

      Connecting...
      Connecting to IBM WebSphere Application Server...
      Error deploying to IBM WebSphere Application Server: com.ibm.websphere.management.exception.ConnectorException: ADMC0016E: The system cannot create a SOAP connector to connect to host DIA-DEV1.jih01.johnson.ca at port 8879.
      at com.ibm.websphere.management.AdminClientFactory.createAdminClientPrivileged(AdminClientFactory.java:635)
      at com.ibm.websphere.management.AdminClientFactory.access$000(AdminClientFactory.java:127)
      at com.ibm.websphere.management.AdminClientFactory$1.run(AdminClientFactory.java:210)
      at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:63)
      at com.ibm.websphere.management.AdminClientFactory.createAdminClient(AdminClientFactory.java:206)
      at org.jenkinsci.plugins.websphere.services.deployment.WebSphereDeploymentService.connect(WebSphereDeploymentService.java:322)
      at org.jenkinsci.plugins.websphere_deployer.WebSphereDeployerPlugin.connect(WebSphereDeployerPlugin.java:276)
      at org.jenkinsci.plugins.websphere_deployer.WebSphereDeployerPlugin.perform(WebSphereDeployerPlugin.java:168)
      at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45)
      at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:770)
      at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:734)
      at hudson.model.Build$BuildExecution.post2(Build.java:183)
      at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:683)
      at hudson.model.Run.execute(Run.java:1784)
      at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
      at hudson.model.ResourceController.execute(ResourceController.java:89)
      at hudson.model.Executor.run(Executor.java:240)
      Caused by: java.lang.reflect.InvocationTargetException
      at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
      at java.lang.reflect.Constructor.newInstance(Unknown Source)
      at com.ibm.websphere.management.AdminClientFactory.createAdminClientPrivileged(AdminClientFactory.java:457)
      ... 16 more
      Caused by: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
      at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:415)
      at com.ibm.ws.management.connector.soap.SOAPConnectorClient.<init>(SOAPConnectorClient.java:227)
      ... 21 more
      Caused by: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
      at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:475)
      at org.apache.soap.rpc.Call.WASinvoke(Call.java:487)
      at com.ibm.ws.management.connector.soap.SOAPConnectorClient$4.run(SOAPConnectorClient.java:387)
      at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
      at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:372)
      ... 22 more

      Build step 'Deploy To IBM WebSphere Application Server' changed build result to FAILURE

            gpeters Greg Peters
            sean_paul_moriarty Sean Moriarty
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: