Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38144

HTTPS mode fails when using IBM Java (No SunX509)


    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: core, winstone-jetty
    • Labels:
    • Environment:
    • Similar Issues:


      I have tried and tried to get Jenkins to run on port 443 in HTTPS mode, but it always complains as follows:

      SEVERE: Container startup failed
      java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory
      at winstone.Launcher.spawnListener(Launcher.java:207)
      at winstone.Launcher.<init>(Launcher.java:149)
      at winstone.Launcher.main(Launcher.java:352)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
      at java.lang.reflect.Method.invoke(Method.java:620)
      at Main._main(Main.java:246)
      at Main.main(Main.java:91)
      Caused by: winstone.WinstoneException: Error getting the SSL context object
      at winstone.HttpsConnectorFactory.getSSLContext(HttpsConnectorFactory.java:241)
      at winstone.HttpsConnectorFactory.createConnector(HttpsConnectorFactory.java:131)
      at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:116)
      at winstone.Launcher.spawnListener(Launcher.java:205)
      ... 8 more
      Caused by: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available
      at sun.security.jca.GetInstance.getInstance(GetInstance.java:172)
      at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:9)
      at winstone.HttpsConnectorFactory.getSSLContext(HttpsConnectorFactory.java:206)
      ... 11 more

      My keys are created using the following:

      keytool -genkey -alias jenkins-ssl-cert -keyalg RSA -keystore /var/lib/jenkins/ssl/.keystore -validity 3650

      (but I also tried using openssl and the converting to JKS format, but that method didn't help it either.)

      Finally, I see on the internet that once upon a time we could specify IbmX509, but now it seems we can't:

        1. the SSL KeyManagerFactory type (eg SunX509, IbmX509). Default is SunX509

      If that mechanism still worked, that might have fixed things for me?

      Finally, I tried the following, but that didn't help either:


      So, I'm pretty sure this is a bug, as Jenkins should work with HTTPS when using IBM Java (I hope)




          will177 Will Berriss created issue -
          danielbeck Daniel Beck made changes -
          Field Original Value New Value
          Labels java-ibm
          oleg_nenashev Oleg Nenashev made changes -
          Labels java-ibm java-ibm winstone
          oleg_nenashev Oleg Nenashev made changes -
          Component/s winstone-jetty [ 20645 ]
          markewaite Mark Waite made changes -
          Epic Link JENKINS-61773 [ 205611 ]


            • Assignee:
              will177 Will Berriss
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: