Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43527

Connecting to master on HTTPS fails after few minutes

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • swarm-plugin
    • None
    • ## Master
      Jenkins Version : 2.51
      OS: Alpine OS 3.5
      Swarm Plugin 3.3

      ## Slave
      Jenkins Swarm: 3.3 and 3.4
      OS: Amazon Linux

      When I connect to my Jenkins Master on HTTP, swarm works fine but it fails when I try to connect thru HTTPS (after few minutes).

      nohup java -jar /opt/swarm-client-3.4.jar  -disableSslVerification -master https://<Jenkins_URL> -username <username> -password <password> -fsroot /var/jenkins_home &

      Here is the detailed log.

      [root@ip-10-61-66-11 ~]# java -jar /opt/swarm-client.jar -disableSslVerification -master https://jenkins-master.mydomain.com -username admin -password jenkinspassword -labels slave -executors 10 -description "Jenkins Slave" -fsroot /var/jenkins_home
Apr 12, 2017 2:11:12 AM hudson.plugins.swarm.Client main
INFO: Client.main invoked with: [-disableSslVerification -master https://jenkins-master.mydomain.com -username admin -password jenkinspassword -labels slave -executors 10 -description Jenkins Slave -fsroot /var/jenkins_home]
Apr 12, 2017 2:11:13 AM hudson.plugins.swarm.Client run
INFO: Discovering Jenkins master
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Apr 12, 2017 2:11:14 AM hudson.plugins.swarm.Client run
INFO: Attempting to connect to https://jenkins-master.mydomain.com/ 692eef4e-08aa-4462-9bd3-573a8a977a48 with ID 7fa6f27f
Apr 12, 2017 2:11:14 AM hudson.plugins.swarm.SwarmClient getCsrfCrumb
SEVERE: Could not obtain CSRF crumb. Response code: 404
Apr 12, 2017 2:11:15 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up slave: ip-10-61-66-11.ap-southeast-2.compute.internal-7fa6f27f
Apr 12, 2017 2:11:15 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Apr 12, 2017 2:11:15 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://jenkins-master.mydomain.com/]
Apr 12, 2017 2:11:16 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
  Agent address: jenkins-master.mydomain.com
  Agent port:    50000
  Identity:      34:fc:02:5a:85:94:6f:24:18:8d:7f:99:36:d7:e1:f6
Apr 12, 2017 2:11:16 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Apr 12, 2017 2:11:16 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to jenkins-master.mydomain.com:50000
Apr 12, 2017 2:11:16 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Apr 12, 2017 2:11:16 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Remote identity confirmed: 34:fc:02:5a:85:94:6f:24:18:8d:7f:99:36:d7:e1:f6
Apr 12, 2017 2:11:17 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connected

Apr 12, 2017 2:49:02 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Terminated
Apr 12, 2017 2:49:02 AM hudson.plugins.swarm.Client run
INFO: Retrying in 10 seconds
Apr 12, 2017 2:49:13 AM hudson.plugins.swarm.Client run
INFO: Attempting to connect to https://jenkins-master.mydomain.com/ 692eef4e-08aa-4462-9bd3-573a8a977a48 with ID 7fa6f27f
Apr 12, 2017 2:49:13 AM hudson.plugins.swarm.SwarmClient getCsrfCrumb
SEVERE: Could not obtain CSRF crumb. Response code: 404
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up slave: ip-10-61-66-11.ap-southeast-2.compute.internal-7fa6f27f
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://jenkins-master.mydomain.com/]
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
  Agent address: jenkins-master.mydomain.com
  Agent port:    50000
  Identity:      34:fc:02:5a:85:94:6f:24:18:8d:7f:99:36:d7:e1:f6
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to jenkins-master.mydomain.com:50000
Apr 12, 2017 2:49:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Apr 12, 2017 2:49:15 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Remote identity confirmed: 34:fc:02:5a:85:94:6f:24:18:8d:7f:99:36:d7:e1:f6
Apr 12, 2017 2:49:15 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connected

Apr 12, 2017 2:51:02 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Terminated
Apr 12, 2017 2:51:02 AM hudson.plugins.swarm.Client run
INFO: Retrying in 10 seconds
Apr 12, 2017 2:51:13 AM hudson.plugins.swarm.Client run
INFO: Attempting to connect to https://jenkins-master.mydomain.com/ 692eef4e-08aa-4462-9bd3-573a8a977a48 with ID 7fa6f27f
Apr 12, 2017 2:51:13 AM hudson.plugins.swarm.SwarmClient getCsrfCrumb
SEVERE: Could not obtain CSRF crumb. Response code: 404
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up slave: ip-10-61-66-11.ap-southeast-2.compute.internal-7fa6f27f
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://jenkins-master.mydomain.com/]
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
  Agent address: jenkins-master.mydomain.com
  Agent port:    50000
  Identity:      34:fc:02:5a:85:94:6f:24:18:8d:7f:99:36:d7:e1:f6
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to jenkins-master.mydomain.com:50000
Apr 12, 2017 2:51:14 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Apr 12, 2017 2:51:15 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Remote identity confirmed: 34:fc:02:5a:85:94:6f:24:18:8d:7f:99:36:d7:e1:f6
Apr 12, 2017 2:51:15 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connected

Apr 12, 2017 2:53:16 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Terminated
Apr 12, 2017 2:53:16 AM hudson.plugins.swarm.Client run
INFO: Retrying in 10 seconds
Apr 12, 2017 2:53:26 AM hudson.plugins.swarm.Client run
INFO: Attempting to connect to https://jenkins-master.mydomain.com/ 692eef4e-08aa-4462-9bd3-573a8a977a48 with ID 7fa6f27f
Apr 12, 2017 2:53:27 AM hudson.plugins.swarm.SwarmClient getCsrfCrumb
SEVERE: Could not obtain CSRF crumb. Response code: 404
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching jenkins-master.mydomain.com found.
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1914)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1477)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:961)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:897)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1033)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1342)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1369)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1353)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at hudson.remoting.Launcher.parseJnlpArguments(Launcher.java:393)
	at hudson.plugins.swarm.SwarmClient.connect(SwarmClient.java:284)
	at hudson.plugins.swarm.Client.run(Client.java:135)
	at hudson.plugins.swarm.Client.main(Client.java:87)
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching jenkins-master.mydomain.com found.
	at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:204)
	at sun.security.util.HostnameChecker.match(HostnameChecker.java:95)
	at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
	at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:940)
	at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:907)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1459)
	... 14 more
Apr 12, 2017 2:53:27 AM hudson.plugins.swarm.SwarmClient connect
SEVERE: Failed to establish JNLP connection to https://jenkins-master.mydomain.com/
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching jenkins-master.mydomain.com found.
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1914)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1477)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:961)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:897)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1033)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1342)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1369)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1353)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at hudson.remoting.Launcher.parseJnlpArguments(Launcher.java:393)
	at hudson.plugins.swarm.SwarmClient.connect(SwarmClient.java:284)
	at hudson.plugins.swarm.Client.run(Client.java:135)
	at hudson.plugins.swarm.Client.main(Client.java:87)
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching jenkins-master.mydomain.com found.
	at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:204)
	at sun.security.util.HostnameChecker.match(HostnameChecker.java:95)
	at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
	at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:940)
	at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:907)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1459)
	... 14 more

Exception in thread "main" java.lang.IndexOutOfBoundsException: Index: 0
	at java.util.Collections$EmptyList.get(Collections.java:3212)
	at hudson.plugins.swarm.SwarmClient.connect(SwarmClient.java:292)
	at hudson.plugins.swarm.Client.run(Client.java:135)
	at hudson.plugins.swarm.Client.main(Client.java:87)

      Thanks in advance for looking into this.

      Regards,
      Vikas

            winotu Chris Z
            vikas027 Vikas Kumar
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: