Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-5349

SSL certificate file is not saved, so project cannot be built

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • subversion-plugin
    • None

      Reproduction steps:
      1) Create a new job using Subversion and set the Repository URL to a repository which requires SSL authentication
      2) See the error message under the Repository URL field:
      "Unable to access https://svn.zynga.com/svn/pets/game/branches/amanda : svn: Unknown error (show details) (Maybe you need to enter credential?)"
      3) Ignore this error and click "Save" at the bottom of the page so that the Repository URL is saved (this is a work-around for http://issues.jenkins-ci.org/browse/JENKINS-5348)
      4) Enter the configuration page for this job again
      5) View the error message under the Repository URL field and click "enter credential"
      6) Select the "HTTPS client certificate" radio button, browse to the certificate file on your local filesystem, enter its password, click OK
      7) View message "Authentication was successful. Information is stored in Hudson now." (thanks to the fix for http://issues.jenkins-ci.org/browse/JENKINS-5230, this part works correctly now)
      8) Go to the dashboard, click "build now" for the job you just created
      9) See that it fails with the following error:

      Started by user amanda
Checking out a fresh workspace because /zynga/home/deploy/.hudson/jobs/test-flash-amanda-2/workspace/amanda doesn't exist
Checking out https://svn.zynga.com/svn/pets/game/branches/amanda
ERROR: Failed to check out https://svn.zynga.com/svn/pets/game/branches/amanda
org.tmatesoft.svn.core.SVNException: svn: Unknown error
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.acknowledgeAndClearAuthentication(HTTPSSLKeyManager.java:231)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:368)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:273)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:261)
	at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.exchangeCapabilities(DAVConnection.java:516)
	at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.open(DAVConnection.java:98)
	at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.openConnection(DAVRepository.java:1001)
	at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.getLatestRevision(DAVRepository.java:178)
	at org.tmatesoft.svn.core.wc.SVNBasicClient.getRevisionNumber(SVNBasicClient.java:482)
	at org.tmatesoft.svn.core.wc.SVNBasicClient.getLocations(SVNBasicClient.java:851)
	at org.tmatesoft.svn.core.wc.SVNBasicClient.createRepository(SVNBasicClient.java:534)
	at org.tmatesoft.svn.core.wc.SVNUpdateClient.doCheckout(SVNUpdateClient.java:893)
	at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:673)
	at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:593)
	at hudson.FilePath.act(FilePath.java:676)
	at hudson.FilePath.act(FilePath.java:660)
	at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:586)
	at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:534)
	at hudson.model.AbstractProject.checkout(AbstractProject.java:1011)
	at hudson.model.AbstractBuild$AbstractRunner.checkout(AbstractBuild.java:485)
	at hudson.model.AbstractBuild$AbstractRunner.run(AbstractBuild.java:411)
	at hudson.model.Run.run(Run.java:1193)
	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
	at hudson.model.ResourceController.execute(ResourceController.java:88)
	at hudson.model.Executor.run(Executor.java:122)
Caused by: java.lang.NullPointerException
	at java.io.FileInputStream.<init>(FileInputStream.java:103)
	at org.tmatesoft.svn.core.auth.SVNSSLAuthentication.<init>(SVNSSLAuthentication.java:46)
	at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager$PersistentAuthenticationProvider.requestClientAuthentication(DefaultSVNAuthenticationManager.java:502)
	at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getFirstAuthentication(DefaultSVNAuthenticationManager.java:159)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:255)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:237)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:131)
	at com.sun.net.ssl.internal.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:262)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:500)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:197)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
	at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.sendData(HTTPConnection.java:226)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:166)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:345)
	... 23 more
Finished: FAILURE

      More exploration:
      10) Navigate back to the job configure page for the job you just created
      11) View that the error message from step #2 is again visible, even though you entered the SSL creds and successfully authenticated.

      This is closely related to JENKINS-5348, but the difference is that JENKINS-5348 doesn't save the Repository URL after a successful first authentication, and this bug demonstrates that the SSL credential file and password are not saved, even when you do a work-around to get the Repository URL to save.

      I suspect that there needs to be a "save" step completed after the first successful authentication, which should save the Repository URL, the SSL certificate file, and the password for that file. This way, the credentials entered can be used to access the repository and build the project.

            Unassigned Unassigned
            awixted awixted
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: