-
Bug
-
Resolution: Cannot Reproduce
-
Minor
-
None
-
Using Websphere 7 with network deployment
Jenkins latest with Sun JRE
Any help would be greatly appreciated.
I am getting the following error where I can't connect to the remote port on SOAP port 8879. This appears to be certificate issues. I created extracted the certificates for 9043 and 8879. I used I have many combinations of creating a separate jssecerts,
Batch file
E:\AppDevelopment\jdk\IBM\jdk60\bin\java.exe InstallCert server:9043
pause
E:\AppDevelopment\jdk\IBM\jdk60\bin\java.exe InstallCert server:8879
pause
echo LIST Trust store certs to get the alias names
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -list -storepass WebAS -v -keystore "E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks" > DummyClientTrustFilecertList.txt
echo list of alias: "thawte personal freemail ca" "new websphere dummy client" "new websphere dummy server" "default_signer" "thawte personal basic ca" "rsa secure server certification authority" "thawte premium server ca"
echo "verisign class 1 public primary certification authority" "thawte server ca"
pause
echo EXPORT CERTS
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte personal freemail ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawtepersonalfreemailca.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "new websphere dummy client" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file newwebspheredummyclient.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "new websphere dummy server" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file newwebspheredummyserver.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "default_signer" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file default_signer.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte personal basic ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawtepersonalbasicca.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "rsa secure server certification authority" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file rsasecureservercertificationauthority.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte premium server ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawtepremiumserverca.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "verisign class 1 public primary certification authority" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file verisignclass1publicprimarycertificationauthority.crt
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -export -storepass WebAS -alias "thawte server ca" -keystore E:\AppDevelopment\Process\WAS_Deploy\dia-dev1\DummyClientTrustFile.jks -file thawteserverca.crt
echo IMPORT CERTS
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte personal freemail ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawtepersonalfreemailca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "new websphere dummy client" -file E:\AppDevelopment\Process\WAS_Deploy\newwebspheredummyclient.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "new websphere dummy server" -file E:\AppDevelopment\Process\WAS_Deploy\newwebspheredummyserver.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "default_signer" -file E:\AppDevelopment\Process\WAS_Deploy\default_signer.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte personal basic ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawtepersonalbasicca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "rsa secure server certification authority" -file E:\AppDevelopment\Process\WAS_Deploy\rsasecureservercertificationauthority.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte premium server ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawtepremiumserverca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "verisign class 1 public primary certification authority" -file E:\AppDevelopment\Process\WAS_Deploy\verisignclass1publicprimarycertificationauthority.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -import -storepass changeit -trustcacerts -alias "thawte server ca" -file E:\AppDevelopment\Process\WAS_Deploy\thawteserverca.crt -keystore E:\AppDevelopment\Process\WAS_Deploy\cacerts
echo LIST CERTS
call "E:\Program Files (x86)\Jenkins\jre\bin\keytool" -list -storepass changeit -v -keystore "E:\AppDevelopment\Process\WAS_Deploy\cacerts" > newCacerts
I updated jenkins.xml to include some runtime helpers
<arguments>-Xrs -Xmx256m -Djavax.net.debug=ssl -Djava.util.logging.loglevel=ALL -Dcom.ibm.SOAP.ConfigURL=file:"E:/Program Files (x86)/Jenkins/Websphere/soap.client.props" -Dcom.ibm.SSL.ConfigURL=file:"E:/Program Files (x86)/Jenkins/Websphere/ssl.client.props" -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%\jenkins.war" --httpPort=8080</arguments>
The test connection and the build job fail with the same message.. Ironically I was able to get it to go further and connect, but when I came in the next morning it wasn't working again.
Connecting...
Connecting to IBM WebSphere Application Server...
Error deploying to IBM WebSphere Application Server: com.ibm.websphere.management.exception.ConnectorException: ADMC0016E: The system cannot create a SOAP connector to connect to host DIA-DEV1.jih01.johnson.ca at port 8879.
at com.ibm.websphere.management.AdminClientFactory.createAdminClientPrivileged(AdminClientFactory.java:635)
at com.ibm.websphere.management.AdminClientFactory.access$000(AdminClientFactory.java:127)
at com.ibm.websphere.management.AdminClientFactory$1.run(AdminClientFactory.java:210)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:63)
at com.ibm.websphere.management.AdminClientFactory.createAdminClient(AdminClientFactory.java:206)
at org.jenkinsci.plugins.websphere.services.deployment.WebSphereDeploymentService.connect(WebSphereDeploymentService.java:322)
at org.jenkinsci.plugins.websphere_deployer.WebSphereDeployerPlugin.connect(WebSphereDeployerPlugin.java:276)
at org.jenkinsci.plugins.websphere_deployer.WebSphereDeployerPlugin.perform(WebSphereDeployerPlugin.java:168)
at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:45)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:770)
at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:734)
at hudson.model.Build$BuildExecution.post2(Build.java:183)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:683)
at hudson.model.Run.execute(Run.java:1784)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:89)
at hudson.model.Executor.run(Executor.java:240)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.ibm.websphere.management.AdminClientFactory.createAdminClientPrivileged(AdminClientFactory.java:457)
... 16 more
Caused by: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:415)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.<init>(SOAPConnectorClient.java:227)
... 21 more
Caused by: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:475)
at org.apache.soap.rpc.Call.WASinvoke(Call.java:487)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient$4.run(SOAPConnectorClient.java:387)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:372)
... 22 more
Build step 'Deploy To IBM WebSphere Application Server' changed build result to FAILURE