Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35389

Gerrit-Trigger cannot connect to gerrit Rest API though https (certificate error)

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Component/s: gerrit-trigger-plugin
    • Labels:
      None
    • Environment:
      Jenkins: 1.651.2
      gerrit-trigger-plugin: 2.21.0
    • Similar Issues:

      Description

      I have a nginx reverse proxy in front of many website to handle SSL certificates. So it using virtual host (by name), and one certificate for each virtual host. My gerrit running behind this reverse proxy.
      Gerrit has events-log plugin installed, and https certificate is signed by public CA root.

      Now when I config gerrit-trigger-plugin to talk to gerrit, it keep complaining SSLHandShake error because cannot recognize certificate.

      After many debug, I found that gerrit-trigger-plugin using deprecated HttpClient APIs, which cause gerrit-trigger-plugin connect to the IP instead of hostname to do handshake, so it getting wrong certificate.

        Attachments

          Activity

          Hide
          weigao Wei Gao added a comment -

          Here is a fix diff. I don't know checkin process, so just attach the patch here.

          Show
          weigao Wei Gao added a comment - Here is a fix diff. I don't know checkin process, so just attach the patch here.
          Hide
          weigao Wei Gao added a comment -

          Generated by "git diff" command

          Show
          weigao Wei Gao added a comment - Generated by "git diff" command
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Wei Gao
          Path:
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java
          http://jenkins-ci.org/commit/gerrit-trigger-plugin/0e0d38b8402625f567a0a0f2d1b08a73ed421078
          Log:
          JENKINS-35389: Use deprecated API will cause getting wrong certificate from gerrit https url.

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Wei Gao Path: src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java http://jenkins-ci.org/commit/gerrit-trigger-plugin/0e0d38b8402625f567a0a0f2d1b08a73ed421078 Log: JENKINS-35389 : Use deprecated API will cause getting wrong certificate from gerrit https url.
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Robert Sandell
          Path:
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java
          src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java
          http://jenkins-ci.org/commit/gerrit-trigger-plugin/cf7401aad7a278961341952320570e105bf24dbc
          Log:
          Merge pull request #287 from Noodle05/master

          JENKINS-35389:

          Compare: https://github.com/jenkinsci/gerrit-trigger-plugin/compare/33957ae997ed...cf7401aad7a2

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Robert Sandell Path: src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/GerritPluginChecker.java src/main/java/com/sonyericsson/hudson/plugins/gerrit/trigger/utils/HttpUtils.java http://jenkins-ci.org/commit/gerrit-trigger-plugin/cf7401aad7a278961341952320570e105bf24dbc Log: Merge pull request #287 from Noodle05/master JENKINS-35389 : Compare: https://github.com/jenkinsci/gerrit-trigger-plugin/compare/33957ae997ed...cf7401aad7a2

            People

            • Assignee:
              rsandell rsandell
              Reporter:
              weigao Wei Gao
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: