Jenkins 插件 地址证书报错问题解决思路
問題提示摘要:
SunCertPathBuilderException: unable to find valid certification path to requested target
......
網上很多的解決方式是更新站點的地址,我這里修改了一個日本的地址(清華鏡像也好),其實發現是解決不了上述的報錯問題的,其實,最終拉去插件的時候,會提示證書的問題,幾經周折找到了其中一遍博文的方案,經實踐是可行的,實踐出真知。
之前我一直停留在 https 改成 http 的認知,但其實當你細心的看報錯信息,其實提示的是證書問題。于是帶著問題去找方案就好辦了,感謝下屬方案的博主分享。
解決方案:
配置Java SSL 訪問網站證書
最近在開發 Java 訪問 Azure ServiceBus 時遇到SSL證書問題,導致JAVA報錯,不能正常訪問,報錯信息如下:
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
解決方法:配置要訪問網站的域名證書,并導入的服務器jdk環境中
- 從https://github.com/escline/InstallCert下載InstallCert.java
- 編譯javac InstallCert.java
- 運行InstallCert,參數是你調用的網址(Azure事件中心的地址),如果是80端口可以省略port
java InstallCert [host]:[port]例:java InstallCert abc.com:443運行后會列出證書讓你選擇,輸入1回車,最后會在當前目錄生成一個jssecacerts文件。
1. 導出證書文件
1)???? 使用CMD命令進入jssecacerts文件所在目錄
2)???? 運行以下命令,導出證書文件:
keytool -exportcert -alias [host]-1 -keystore jssecacerts -storepass changeit -file [host].cer例:keytool -exportcert -alias www.abc.com-1 -keystore jssecacerts -storepass changeit -file www.abc.com.cer<br>將證書文件導入系統keystore
keytool -importcert -alias [host] -keystore [path to system keystore] -storepass changeit -file [host].cer例:keytool -importcert -alias www.abc.com -keystore "C:\Program Files\Java\jre1.8.0_111\lib\security\cacerts" -storepass changeit -file www.abc.com.cer?
# Example:java InstallCert woot.com:443Loading KeyStore /usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/security/cacerts...Opening connection to woot.com:443...Starting SSL handshake...javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<...>Server sent 1 certificate(s):1 Subject O=Woot Inc, C=US, ST=Texas, L=Carrollton, CN=*.woot.comIssuer? CN=SecureTrust CA, O=SecureTrust Corporation, C=USsha1??? 4b 46 ca 6b 83 05 b3 51 ff c6 e7 9c fd b3 9b e3 3f 2e c4 53md5???? e8 a5 88 1b d5 67 bb fc 88 cc b1 c5 2b ac c4 7dEnter certificate to add to trusted keystore or 'q' to quit: [1][enter][[Version: V3Subject: O=Woot Inc, C=US, ST=Texas, L=Carrollton, CN=*.woot.comSignature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5<...>Added certificate to keystore 'jssecacerts' using alias 'woot.com-1'keytool -exportcert -alias woot.com-1 -keystore jssecacerts -storepass changeit -file woot.com.cerCertificate stored in file <woot.com.cer>(sudo) keytool -importcert -alias woot.com -keystore /usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/security/cacerts -storepass changeit -file woot.com.cerOwner: O=Woot Inc, C=US, ST=Texas, L=Carrollton, CN=*.woot.comIssuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US<...>Trust this certificate? [no]:yesCertificate was added to keystore
修改默認Jenkins插件源與連接檢測位置(加速)
$ sed -i 's/http:\/\/updates.jenkins.io\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' /home/jenkins/root/updates/default.json
$ sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' /home/jenkins/root/updates/default.json修改為清華鏡像的文件下載:https://download.csdn.net/download/u013490585/12831832?
附件:https://github.com/mwanlyc/InstallCert
參考地址:https://www.cnblogs.com/oceanwang/p/6229789.html
總結
以上是生活随笔為你收集整理的Jenkins 插件 地址证书报错问题解决思路的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 洱海去哪里租电瓶车
- 下一篇: jenkins 插件执行shell命令时