• Jenkis 无法下载插件问题解决


    在新机器上安装jenkins后,安装插件报如下错误

    sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
    	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
    	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
    	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
    Caused: sun.security.validator.ValidatorException: PKIX path building failed
    	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
    	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
    	at sun.security.validator.Validator.validate(Validator.java:260)
    	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
    	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
    	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
    	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
    Caused: javax.net.ssl.SSLHandshakeException
    	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
    	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
    	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
    	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
    	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
    	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
    	at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
    	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
    	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
    	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
    	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
    	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513)
    	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
    	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
    	at hudson.model.DownloadService.loadJSON(DownloadService.java:167)
    	at hudson.model.UpdateSite.updateDirectlyNow(UpdateSite.java:190)
    	at hudson.PluginManager.doCheckUpdatesServer(PluginManager.java:1633)
    	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
    	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
    	at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:52)
    	at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
    	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
    	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
    	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
    	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
    	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
    	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
    	at org.kohsuke.stapler.MetaClass$2.doDispatch(MetaClass.java:186)
    	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
    	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
    	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
    	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
    	at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:135)
    	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:138)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:85)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
    	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
    	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
    	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
    	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
    	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:619)
    	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
    	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:651)
    	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
    	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:417)
    	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:754)
    	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1376)
    	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    	at java.lang.Thread.run(Thread.java:745)
    

     第一次遇到这种问题,百度了下找到如下解决方案

    原方案地址:

    http://blog.csdn.net/faye0412/article/details/6883879

    简要摘录如下

    新建一个java文件,代码如下

      1 /*
      2  * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions
      6  * are met:
      7  *
      8  *   - Redistributions of source code must retain the above copyright
      9  *     notice, this list of conditions and the following disclaimer.
     10  *
     11  *   - Redistributions in binary form must reproduce the above copyright
     12  *     notice, this list of conditions and the following disclaimer in the
     13  *     documentation and/or other materials provided with the distribution.
     14  *
     15  *   - Neither the name of Sun Microsystems nor the names of its
     16  *     contributors may be used to endorse or promote products derived
     17  *     from this software without specific prior written permission.
     18  *
     19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
     20  * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
     21  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
     23  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
     24  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
     25  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
     26  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
     27  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
     28  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
     29  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     30  */
     31 
     32 import java.io.BufferedReader;
     33 import java.io.File;
     34 import java.io.FileInputStream;
     35 import java.io.FileOutputStream;
     36 import java.io.InputStream;
     37 import java.io.InputStreamReader;
     38 import java.io.OutputStream;
     39 import java.security.KeyStore;
     40 import java.security.MessageDigest;
     41 import java.security.cert.CertificateException;
     42 import java.security.cert.X509Certificate;
     43 
     44 import javax.net.ssl.SSLContext;
     45 import javax.net.ssl.SSLException;
     46 import javax.net.ssl.SSLSocket;
     47 import javax.net.ssl.SSLSocketFactory;
     48 import javax.net.ssl.TrustManager;
     49 import javax.net.ssl.TrustManagerFactory;
     50 import javax.net.ssl.X509TrustManager;
     51 
     52 public class InstallCert {
     53 
     54     public static void main(String[] args) throws Exception {
     55         String host;
     56         int port;
     57         char[] passphrase;
     58         if ((args.length == 1) || (args.length == 2)) {
     59             String[] c = args[0].split(":");
     60             host = c[0];
     61             port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
     62             String p = (args.length == 1) ? "changeit" : args[1];
     63             passphrase = p.toCharArray();
     64         } else {
     65             System.out
     66                     .println("Usage: java InstallCert <host>[:port] [passphrase]");
     67             return;
     68         }
     69 
     70         File file = new File("jssecacerts");
     71         if (file.isFile() == false) {
     72             char SEP = File.separatorChar;
     73             File dir = new File(System.getProperty("java.home") + SEP + "lib"
     74                     + SEP + "security");
     75             file = new File(dir, "jssecacerts");
     76             if (file.isFile() == false) {
     77                 file = new File(dir, "cacerts");
     78             }
     79         }
     80         System.out.println("Loading KeyStore " + file + "...");
     81         InputStream in = new FileInputStream(file);
     82         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
     83         ks.load(in, passphrase);
     84         in.close();
     85 
     86         SSLContext context = SSLContext.getInstance("TLS");
     87         TrustManagerFactory tmf = TrustManagerFactory
     88                 .getInstance(TrustManagerFactory.getDefaultAlgorithm());
     89         tmf.init(ks);
     90         X509TrustManager defaultTrustManager = (X509TrustManager) tmf
     91                 .getTrustManagers()[0];
     92         SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
     93         context.init(null, new TrustManager[] { tm }, null);
     94         SSLSocketFactory factory = context.getSocketFactory();
     95 
     96         System.out
     97                 .println("Opening connection to " + host + ":" + port + "...");
     98         SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
     99         socket.setSoTimeout(10000);
    100         try {
    101             System.out.println("Starting SSL handshake...");
    102             socket.startHandshake();
    103             socket.close();
    104             System.out.println();
    105             System.out.println("No errors, certificate is already trusted");
    106         } catch (SSLException e) {
    107             System.out.println();
    108             e.printStackTrace(System.out);
    109         }
    110 
    111         X509Certificate[] chain = tm.chain;
    112         if (chain == null) {
    113             System.out.println("Could not obtain server certificate chain");
    114             return;
    115         }
    116 
    117         BufferedReader reader = new BufferedReader(new InputStreamReader(
    118                 System.in));
    119 
    120         System.out.println();
    121         System.out.println("Server sent " + chain.length + " certificate(s):");
    122         System.out.println();
    123         MessageDigest sha1 = MessageDigest.getInstance("SHA1");
    124         MessageDigest md5 = MessageDigest.getInstance("MD5");
    125         for (int i = 0; i < chain.length; i++) {
    126             X509Certificate cert = chain[i];
    127             System.out.println(" " + (i + 1) + " Subject "
    128                     + cert.getSubjectDN());
    129             System.out.println("   Issuer  " + cert.getIssuerDN());
    130             sha1.update(cert.getEncoded());
    131             System.out.println("   sha1    " + toHexString(sha1.digest()));
    132             md5.update(cert.getEncoded());
    133             System.out.println("   md5     " + toHexString(md5.digest()));
    134             System.out.println();
    135         }
    136 
    137         System.out
    138                 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
    139         String line = reader.readLine().trim();
    140         int k;
    141         try {
    142             k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
    143         } catch (NumberFormatException e) {
    144             System.out.println("KeyStore not changed");
    145             return;
    146         }
    147 
    148         X509Certificate cert = chain[k];
    149         String alias = host + "-" + (k + 1);
    150         ks.setCertificateEntry(alias, cert);
    151 
    152         OutputStream out = new FileOutputStream("jssecacerts");
    153         ks.store(out, passphrase);
    154         out.close();
    155 
    156         System.out.println();
    157         System.out.println(cert);
    158         System.out.println();
    159         System.out
    160                 .println("Added certificate to keystore 'jssecacerts' using alias '"
    161                         + alias + "'");
    162     }
    163 
    164     private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();
    165 
    166     private static String toHexString(byte[] bytes) {
    167         StringBuilder sb = new StringBuilder(bytes.length * 3);
    168         for (int b : bytes) {
    169             b &= 0xff;
    170             sb.append(HEXDIGITS[b >> 4]);
    171             sb.append(HEXDIGITS[b & 15]);
    172             sb.append(' ');
    173         }
    174         return sb.toString();
    175     }
    176 
    177     private static class SavingTrustManager implements X509TrustManager {
    178 
    179         private final X509TrustManager tm;
    180         private X509Certificate[] chain;
    181 
    182         SavingTrustManager(X509TrustManager tm) {
    183             this.tm = tm;
    184         }
    185 
    186         public X509Certificate[] getAcceptedIssuers() {
    187             throw new UnsupportedOperationException();
    188         }
    189 
    190         public void checkClientTrusted(X509Certificate[] chain, String authType)
    191                 throws CertificateException {
    192             throw new UnsupportedOperationException();
    193         }
    194 
    195         public void checkServerTrusted(X509Certificate[] chain, String authType)
    196                 throws CertificateException {
    197             this.chain = chain;
    198             tm.checkServerTrusted(chain, authType);
    199         }
    200     }
    201 
    202 }
    View Code

    编译InstallCert.java,然后执行:java InstallCert updates.jenkins.io

    将证书jssecacerts拷贝到$JAVA_HOME/jre/lib/security目录下,重启tomcat即可

  • 相关阅读:
    【笔记】算法图解
    redis两个主同时挂
    redis有间隔的kill 两个主:
    数据中心机房燃气分布式能源系统的作用是什么?
    C# DEBUG 调试信息打印及输出详解
    C# DEBUG 调试信息打印及输出详解
    C# DEBUG 调试信息打印及输出详解
    C# DEBUG 调试信息打印及输出详解
    多态中的题目分析题
    多态中的题目分析题
  • 原文地址:https://www.cnblogs.com/monley/p/8448024.html
Copyright © 2020-2023  润新知