I have installed the Jenkins plugin for the Play! framework: https://wiki.jenkins-ci.org/display/JENKINS/play-plugin
However, I run into a problem configuring that plugin. The Jenkins server doesn't have Play installed, so I tried to configure the auto-install, using the "Install automatically" option. Unfortunately, when I pass the URL to the Typesafe Activator's ZIP archive, I get a handshake failure.
The Jenkins server is a part of the Cloudbees cloud.
Any ideas on what is going wrong and how to deal with it?
EDIT: Changing "https" to "http" resolves the handshake problem. However, Play does not get installed on the Jenkins server. The build does not find the "activator" executable. I suspect this may be an issue with the Play plugin for Jenkins.
it seems your java cacerts is not having correct certificate. you may try following steps.
Step 1 : Get root certificate of https://www.google.com
Open https://www.google.com in a chrome browser.
Select Inspect from context menu(right clicking on page) and navigate to security tab
Click on view certificates
Click on top most certificate on hierarchy and confirm it is tailed with Root CA phrase.
drag and drop that image which you saw written certificate on desktop.
Thats it! you got your root certificate!
Step 2 : install certificate to your java cacerts
please verify you have system variable JAVA_HOME declared and you will perform these steps on that jre cacerts only!
Navigate to cacerts by JAVA_HOME/jre/lib/security/cacerts
Download and install keytool explorer it is available for all platforms
open cacerts in that tool and import cetificate by "import trusted certificate" button.
Save your changes (you may come across issue if it is mac and you do not have write access!)
Step 3 : Restart jenkins
You should not get ssl handshake problem now onwards.
Related
I am trying to run git clone in Spring Tool Suite (eclipse) from local gitlab server.
I'm using HTTPS clone url and the server certificate is signed by our organization CA.
I'm getting the error: unable to find valid certification path to requested target.
The root certificate of the organization is in the Windows trusted certificates store.
I tried placing the git configuration in the path %USERPROFILE%\.gitconfig with the content:
[http]
sslBackend = schannel
I can see in STS that the configuration was loaded in the eclipse preferences, but the error is still there.
Any idea how to get git commands in STS / Eclipse to trust the Windows certificate store?
Thanks,
Eyal
found it...
I had to add to the java options in the SpringToolSuite4.ini
javax.net.ssl.trustStore=NUL
javax.net.ssl.trustStoreType=Windows-ROOT
Then java trusted the Windows keystore
This is going to sound like a ridiculous question, but using the SonarLint Eclipse plugin (v3.2.0) on the latest Eclipse (Oxygen), I am unable to add a new SonarQube server connection.
I am working behind a company firewall, but that doesnt appear to be an issue. I am following the steps here and am able to successfully connect to our internal SonarQube instance, provide my credentials, but it is just on the final step, that the 'Finish' button does not seem to do anything, see screen below:
I appreciate there is probably some background processes need to run in order for this Finish to actually finish :) But this doesnt appear to be doing anything...Anyone else experience this issue?
Any before people ask, I've restarted Eclipse/laptop, uninstalled and reinstalled SonarLint plugin etc.
Thanks in advance!
SonarLint in Eclipse are storing credentials in Eclipse secure storage that itself is protected by a master password. So you must reset it or delete it to add a new SonarQube server connection. You can try this step :
In your Eclipse Go to Window > Preferences, filter and find Secure Storage.
In the Tab Contents find and highlight org.sonarlint.eclipse.core, click Delete > Apply > OK. After deletion process is finished, Eclipse will ask if you want to restart the IDE. It is strongly recommended that you restart the IDE and try again to adding SonarQube server in Eclipse.
Thanks.
On my linux machine I had the same issue, because the used master password provider doesn't work properly.
This answer worked for me:
Open Window > Preferences
Go to General > Security > Secure Storage
At Master password providers uncheck the used provider. The enabled provider with the highest priority is the used one [for me it was "Linux Integration (64 bit)"].
Click apply
I also encountered this problem, but was able to work around it.
This is environment in which I was running:
Eclipse Oxygen.1
Linux VM (VirtualBox) on Windows host
Solution that worked for me based on this post:
Uninstall SonarLint.
Reinstall using Help -> Install new software...
On the Install dialog, un-check the option "Show only the latest versions of available software"
Select the older version of SonarLint.
Select Next and continue with the install.
After installing, configure your SonarQube server like normal.
Upgrade to the latest version of SonarLint via Help -> Check for Updates
In my case the problem also concerned the credentials storage but was caused by the Avecto Defendpoint Client. The company restricted the permissions to create subfolders in user home (c:\users<username>). I had to create manually missing subfolders (.sonarlint and .eclipse) after access level elevation and after filling the reason in a text field. Then I had to give the permissions to those folders for myself. Having created them I could proceed with adding server to sonarlint plugin.
I'm trying to connect my Eclipse IDE to my company's sonar server instance, but I can't figure out why it doesn't work.
When I access the server (https://mycompany.com/sonar, for example purposes) through the browser, it works perfectly. In Eclipse, I added the url to the servers section of SonarQube and the same credentials I used in the browser. When I hit Test Connection, I get the error message:
Unable to connect: Query: https://mycompany.com/sonar//api/authentication/validate
I'm using the native option in Eclipse's network settings, since I'm not behind any proxy. The company SonarQube server version is 4.5.5.
Am I doing something wrong? Does anyone know how to fix this?
Edit: the certificate is also added to JRE
I suspect the /api/aut is due to some UI truncation, just expand the 'Add SonarQube Server' window to verify that.
You are trying to connect to an HTTPS URL, is the server certificate trusted by Java ? Use keytool to do that, as explained in this post.
Check the sonar link you have configured in eclipse - https://mycompany.com/sonar**//**api/authentication/validate
You need to give the url https://mycompany.com/sonar and not https://mycompany.com/sonar/
We have a java webstart application which is hosted a web server. The signer of the SSL certificate in the web server is not in the cacerts of the JRE, by default. Thus when we run
javaws https://blablah/our.jnlp
we get a Security Warning dialog saying the connection the website is untrusted. Is it possible to pass a custom truststore that contains the singer certificate to the javaws process? to avoid the warning?
I was hoping following would work
javaws -J-Djavax.net.ssl.trustStore=<path_to_custom_trusstore> https://blablah/our.jnlp
where custom_trusstore contains the signer certificate.
This does not seem to work. Warning still shows.
I know alternatively we can add the signer certificate from the Java Control Panel, but is there any other way?
have you tried to add the password?
-Djavax.net.ssl.trustStorePassword=storePassword
I have installed the Eclipse Java EE Developers Helios SR2 IDE. The only additional plugins, installed from the Eclipse marketplace, are WebSphere Application Server 8.0 Developer Tools (8.0.4) and JGit/EGit.
I could attach to github fine until I follow the steps on the IBM site to update the eclipse.ini file to use the IBM-provided JRE that comes with WAS8.
Once I changed Eclipse to use the IBM JRE, I could not connect to github. When I tried to clone a repository, for instance, I got the error here:
my/url/to.git: cannot open git-upload-pack
java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
I updated the configuration file as documented here:
http://publib.boulder.ibm.com/infocenter/radhelp/v7r5/index.jsp?topic=%2Fcom.ibm.ws.ast.st.v6.ui.doc%2Ftopics%2Frssl_isUseIBMSSLSocketFactory.html
After I make the change, it still doesn't work. I get this error:
my/url/to.git: cannot open git-upload-pack
com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
(Firstly, I'm not sure why you want to run Eclipse on the IBM JRE. If you need the IBM JRE for specific projects (or even by default) as the running environment, you could add it and set it in the Workspace (or Project) properties.)
This error is happening because the IBM JRE doesn't trust this certificate (CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US) out of the box.
Both the Oracle and the IBM JRE come with a default set of trusted CA certificates.
In Oracle Java, they're located in "jssecacerts, if it exists. Otherwise, cacerts". The documentation also says:
IMPORTANT NOTE: The JDK ships with a limited number of trusted root
certificates in the /lib/security/cacerts file. As
documented in keytool, it is your responsibility to maintain (that is,
add/remove) the certificates contained in this file if you use this
file as a truststore.
Depending on the certificate configuration of the servers you contact,
you may need to add additional root certificate(s). Obtain the needed
specific root certificate(s) from the appropriate vendor.
This may be in a different place for the IBM JRE, but ultimately, this piece of advice also applies: it's ultimately up to you to make sure you have the CA certificates you want to trust. You could export them from your browser, for example.