Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-5349

SSL certificate file is not saved, so project cannot be built

    Details

    • Similar Issues:

      Description

      Reproduction steps:
      1) Create a new job using Subversion and set the Repository URL to a repository which requires SSL authentication
      2) See the error message under the Repository URL field:
      "Unable to access https://svn.zynga.com/svn/pets/game/branches/amanda : svn: Unknown error (show details) (Maybe you need to enter credential?)"
      3) Ignore this error and click "Save" at the bottom of the page so that the Repository URL is saved (this is a work-around for http://issues.jenkins-ci.org/browse/JENKINS-5348)
      4) Enter the configuration page for this job again
      5) View the error message under the Repository URL field and click "enter credential"
      6) Select the "HTTPS client certificate" radio button, browse to the certificate file on your local filesystem, enter its password, click OK
      7) View message "Authentication was successful. Information is stored in Hudson now." (thanks to the fix for http://issues.jenkins-ci.org/browse/JENKINS-5230, this part works correctly now)
      8) Go to the dashboard, click "build now" for the job you just created
      9) See that it fails with the following error:

      Started by user amanda
      Checking out a fresh workspace because /zynga/home/deploy/.hudson/jobs/test-flash-amanda-2/workspace/amanda doesn't exist
      Checking out https://svn.zynga.com/svn/pets/game/branches/amanda
      ERROR: Failed to check out https://svn.zynga.com/svn/pets/game/branches/amanda
      org.tmatesoft.svn.core.SVNException: svn: Unknown error
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.acknowledgeAndClearAuthentication(HTTPSSLKeyManager.java:231)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:368)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:273)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:261)
      	at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.exchangeCapabilities(DAVConnection.java:516)
      	at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.open(DAVConnection.java:98)
      	at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.openConnection(DAVRepository.java:1001)
      	at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.getLatestRevision(DAVRepository.java:178)
      	at org.tmatesoft.svn.core.wc.SVNBasicClient.getRevisionNumber(SVNBasicClient.java:482)
      	at org.tmatesoft.svn.core.wc.SVNBasicClient.getLocations(SVNBasicClient.java:851)
      	at org.tmatesoft.svn.core.wc.SVNBasicClient.createRepository(SVNBasicClient.java:534)
      	at org.tmatesoft.svn.core.wc.SVNUpdateClient.doCheckout(SVNUpdateClient.java:893)
      	at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:673)
      	at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:593)
      	at hudson.FilePath.act(FilePath.java:676)
      	at hudson.FilePath.act(FilePath.java:660)
      	at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:586)
      	at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:534)
      	at hudson.model.AbstractProject.checkout(AbstractProject.java:1011)
      	at hudson.model.AbstractBuild$AbstractRunner.checkout(AbstractBuild.java:485)
      	at hudson.model.AbstractBuild$AbstractRunner.run(AbstractBuild.java:411)
      	at hudson.model.Run.run(Run.java:1193)
      	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
      	at hudson.model.ResourceController.execute(ResourceController.java:88)
      	at hudson.model.Executor.run(Executor.java:122)
      Caused by: java.lang.NullPointerException
      	at java.io.FileInputStream.<init>(FileInputStream.java:103)
      	at org.tmatesoft.svn.core.auth.SVNSSLAuthentication.<init>(SVNSSLAuthentication.java:46)
      	at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager$PersistentAuthenticationProvider.requestClientAuthentication(DefaultSVNAuthenticationManager.java:502)
      	at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getFirstAuthentication(DefaultSVNAuthenticationManager.java:159)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:255)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:237)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:131)
      	at com.sun.net.ssl.internal.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:262)
      	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:500)
      	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:197)
      	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
      	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
      	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
      	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
      	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
      	at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
      	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
      	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.sendData(HTTPConnection.java:226)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:166)
      	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:345)
      	... 23 more
      Finished: FAILURE
      

      More exploration:
      10) Navigate back to the job configure page for the job you just created
      11) View that the error message from step #2 is again visible, even though you entered the SSL creds and successfully authenticated.

      This is closely related to JENKINS-5348, but the difference is that JENKINS-5348 doesn't save the Repository URL after a successful first authentication, and this bug demonstrates that the SSL credential file and password are not saved, even when you do a work-around to get the Repository URL to save.

      I suspect that there needs to be a "save" step completed after the first successful authentication, which should save the Repository URL, the SSL certificate file, and the password for that file. This way, the credentials entered can be used to access the repository and build the project.

        Attachments

          Issue Links

            Activity

            awixted awixted created issue -
            awixted awixted made changes -
            Field Original Value New Value
            Link This issue depends on JENKINS-5348 [ JENKINS-5348 ]
            kohsuke Kohsuke Kawaguchi made changes -
            Description Reproduction steps:
            1) Create a new job using Subversion and set the Repository URL to a repository which requires SSL authentication
            2) See the error message under the Repository URL field:
            "Unable to access https://svn.zynga.com/svn/pets/game/branches/amanda : svn: Unknown error (show details) (Maybe you need to enter credential?)"
            3) Ignore this error and click "Save" at the bottom of the page so that the Repository URL is saved (this is a work-around for http://issues.jenkins-ci.org/browse/JENKINS-5348)
            4) Enter the configuration page for this job again
            5) View the error message under the Repository URL field and click "enter credential"
            6) Select the "HTTPS client certificate" radio button, browse to the certificate file on your local filesystem, enter its password, click OK
            7) View message "Authentication was successful. Information is stored in Hudson now." (thanks to the fix for http://issues.jenkins-ci.org/browse/JENKINS-5230, this part works correctly now)
            8) Go to the dashboard, click "build now" for the job you just created
            9) See that it fails with the following error:

            Started by user amanda
            Checking out a fresh workspace because /zynga/home/deploy/.hudson/jobs/test-flash-amanda-2/workspace/amanda doesn't exist
            Checking out https://svn.zynga.com/svn/pets/game/branches/amanda
            ERROR: Failed to check out https://svn.zynga.com/svn/pets/game/branches/amanda
            org.tmatesoft.svn.core.SVNException: svn: Unknown error
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.acknowledgeAndClearAuthentication(HTTPSSLKeyManager.java:231)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:368)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:273)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:261)
            at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.exchangeCapabilities(DAVConnection.java:516)
            at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.open(DAVConnection.java:98)
            at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.openConnection(DAVRepository.java:1001)
            at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.getLatestRevision(DAVRepository.java:178)
            at org.tmatesoft.svn.core.wc.SVNBasicClient.getRevisionNumber(SVNBasicClient.java:482)
            at org.tmatesoft.svn.core.wc.SVNBasicClient.getLocations(SVNBasicClient.java:851)
            at org.tmatesoft.svn.core.wc.SVNBasicClient.createRepository(SVNBasicClient.java:534)
            at org.tmatesoft.svn.core.wc.SVNUpdateClient.doCheckout(SVNUpdateClient.java:893)
            at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:673)
            at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:593)
            at hudson.FilePath.act(FilePath.java:676)
            at hudson.FilePath.act(FilePath.java:660)
            at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:586)
            at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:534)
            at hudson.model.AbstractProject.checkout(AbstractProject.java:1011)
            at hudson.model.AbstractBuild$AbstractRunner.checkout(AbstractBuild.java:485)
            at hudson.model.AbstractBuild$AbstractRunner.run(AbstractBuild.java:411)
            at hudson.model.Run.run(Run.java:1193)
            at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
            at hudson.model.ResourceController.execute(ResourceController.java:88)
            at hudson.model.Executor.run(Executor.java:122)
            Caused by: java.lang.NullPointerException
            at java.io.FileInputStream.<init>(FileInputStream.java:103)
            at org.tmatesoft.svn.core.auth.SVNSSLAuthentication.<init>(SVNSSLAuthentication.java:46)
            at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager$PersistentAuthenticationProvider.requestClientAuthentication(DefaultSVNAuthenticationManager.java:502)
            at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getFirstAuthentication(DefaultSVNAuthenticationManager.java:159)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:255)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:237)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:131)
            at com.sun.net.ssl.internal.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:262)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:500)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:197)
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
            at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
            at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
            at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
            at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.sendData(HTTPConnection.java:226)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:166)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:345)
            ... 23 more
            Finished: FAILURE


            More exploration:
            10) Navigate back to the job configure page for the job you just created
            11) View that the error message from step #2 is again visible, even though you entered the SSL creds and successfully authenticated.


            This is closely related to JENKINS-5348, but the difference is that JENKINS-5348 doesn't save the Repository URL after a successful first authentication, and this bug demonstrates that the SSL credential file and password are not saved, even when you do a work-around to get the Repository URL to save.

            I suspect that there needs to be a "save" step completed after the first successful authentication, which should save the Repository URL, the SSL certificate file, and the password for that file. This way, the credentials entered can be used to access the repository and build the project.
            Reproduction steps:
            1) Create a new job using Subversion and set the Repository URL to a repository which requires SSL authentication
            2) See the error message under the Repository URL field:
            "Unable to access https://svn.zynga.com/svn/pets/game/branches/amanda : svn: Unknown error (show details) (Maybe you need to enter credential?)"
            3) Ignore this error and click "Save" at the bottom of the page so that the Repository URL is saved (this is a work-around for http://issues.jenkins-ci.org/browse/JENKINS-5348)
            4) Enter the configuration page for this job again
            5) View the error message under the Repository URL field and click "enter credential"
            6) Select the "HTTPS client certificate" radio button, browse to the certificate file on your local filesystem, enter its password, click OK
            7) View message "Authentication was successful. Information is stored in Hudson now." (thanks to the fix for http://issues.jenkins-ci.org/browse/JENKINS-5230, this part works correctly now)
            8) Go to the dashboard, click "build now" for the job you just created
            9) See that it fails with the following error:
            {noformat}
            Started by user amanda
            Checking out a fresh workspace because /zynga/home/deploy/.hudson/jobs/test-flash-amanda-2/workspace/amanda doesn't exist
            Checking out https://svn.zynga.com/svn/pets/game/branches/amanda
            ERROR: Failed to check out https://svn.zynga.com/svn/pets/game/branches/amanda
            org.tmatesoft.svn.core.SVNException: svn: Unknown error
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.acknowledgeAndClearAuthentication(HTTPSSLKeyManager.java:231)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:368)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:273)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:261)
            at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.exchangeCapabilities(DAVConnection.java:516)
            at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.open(DAVConnection.java:98)
            at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.openConnection(DAVRepository.java:1001)
            at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.getLatestRevision(DAVRepository.java:178)
            at org.tmatesoft.svn.core.wc.SVNBasicClient.getRevisionNumber(SVNBasicClient.java:482)
            at org.tmatesoft.svn.core.wc.SVNBasicClient.getLocations(SVNBasicClient.java:851)
            at org.tmatesoft.svn.core.wc.SVNBasicClient.createRepository(SVNBasicClient.java:534)
            at org.tmatesoft.svn.core.wc.SVNUpdateClient.doCheckout(SVNUpdateClient.java:893)
            at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:673)
            at hudson.scm.SubversionSCM$CheckOutTask.invoke(SubversionSCM.java:593)
            at hudson.FilePath.act(FilePath.java:676)
            at hudson.FilePath.act(FilePath.java:660)
            at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:586)
            at hudson.scm.SubversionSCM.checkout(SubversionSCM.java:534)
            at hudson.model.AbstractProject.checkout(AbstractProject.java:1011)
            at hudson.model.AbstractBuild$AbstractRunner.checkout(AbstractBuild.java:485)
            at hudson.model.AbstractBuild$AbstractRunner.run(AbstractBuild.java:411)
            at hudson.model.Run.run(Run.java:1193)
            at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
            at hudson.model.ResourceController.execute(ResourceController.java:88)
            at hudson.model.Executor.run(Executor.java:122)
            Caused by: java.lang.NullPointerException
            at java.io.FileInputStream.<init>(FileInputStream.java:103)
            at org.tmatesoft.svn.core.auth.SVNSSLAuthentication.<init>(SVNSSLAuthentication.java:46)
            at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager$PersistentAuthenticationProvider.requestClientAuthentication(DefaultSVNAuthenticationManager.java:502)
            at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getFirstAuthentication(DefaultSVNAuthenticationManager.java:159)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:255)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:237)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:131)
            at com.sun.net.ssl.internal.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:262)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:500)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:197)
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
            at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
            at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
            at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
            at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.sendData(HTTPConnection.java:226)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:166)
            at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:345)
            ... 23 more
            Finished: FAILURE
            {noformat}

            More exploration:
            10) Navigate back to the job configure page for the job you just created
            11) View that the error message from step #2 is again visible, even though you entered the SSL creds and successfully authenticated.


            This is closely related to JENKINS-5348, but the difference is that JENKINS-5348 doesn't save the Repository URL after a successful first authentication, and this bug demonstrates that the SSL credential file and password are not saved, even when you do a work-around to get the Repository URL to save.

            I suspect that there needs to be a "save" step completed after the first successful authentication, which should save the Repository URL, the SSL certificate file, and the password for that file. This way, the credentials entered can be used to access the repository and build the project.
            scm_issue_link SCM/JIRA link daemon made changes -
            Status Open [ 1 ] Resolved [ 5 ]
            Resolution Fixed [ 1 ]
            abayer Andrew Bayer made changes -
            Status Resolved [ 5 ] Closed [ 6 ]
            rtyler R. Tyler Croy made changes -
            Workflow JNJira [ 135438 ] JNJira + In-Review [ 203480 ]

              People

              • Assignee:
                Unassigned
                Reporter:
                awixted awixted
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: