无法在 Docker 中部署的 Jenkins 中安装插件
Unable to install Plugins in Jenkins deployed in Docker
我使用最新的官方镜像成功安装了 Jenkins https://hub.docker.com/r/jenkins/jenkins and added the https://repo.jenkins-ci.org, https://updates.jenkins-ci.org/, https://updates.jenkins.io/, https://www.jenkins.io/ SSL 证书到 jenkins 的 cacerts 和 jdk 并提供了到 JAVA_OPTS 的 cacerts 路径,但我仍然得到低于例外
hudson.PluginManager#doCheckUpdatesServer: Error checking update sites for 1 attempt(s). Last exception was: SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
下面是我的合成文件
version: '3.7'
services:
jenkins:
image: jenkins/jenkins:lts-jdk11
privileged: true
user: root
environment:
JAVA_OPTS: -Djavax.net.ssl.trustStore=/var/jenkins_home/keystore/cacerts -Dhudson.model.UpdateCenter.pluginDownloadReadTimeoutSeconds=120
ports:
- 8080:8080
- 50000:50000
volumes:
- jenkins_home:/var/jenkins_home
volumes:
jenkins_home:
添加到 cacerts 的证书
root@**************:/# keytool -list -v -keystore $JENKINS_HOME/keystore/cacerts | grep jenkins
Enter keystore password: **************
Alias name: https://repo.jenkins-ci.org
Owner: CN=repo.jenkins-ci.org
DNSName: repo.jenkins-ci.org
Alias name: https://updates.jenkins-ci.org/
Owner: CN=updates.jenkins-ci.org
DNSName: updates.jenkins-ci.org
Alias name: https://updates.jenkins.io/
Owner: CN=updates.jenkins.io
DNSName: updates.jenkins.io
Alias name: https://www.jenkins.io/
Owner: CN=jenkins.io
DNSName: jenkins.io
root@**************:/#
我哪里错了?
错误消息指出,TLS 客户端无法找到从服务器在 TLS 握手期间提供的 X.509 证书到信任库中任何 X.509 证书的路径。要么你在那里遗漏了一些东西,要么你没有使用你认为你正在使用的信任库。您可以检查 -Djavax.net.debug=ssl,handshake.
使用了哪个信任库
我使用最新的官方镜像成功安装了 Jenkins https://hub.docker.com/r/jenkins/jenkins and added the https://repo.jenkins-ci.org, https://updates.jenkins-ci.org/, https://updates.jenkins.io/, https://www.jenkins.io/ SSL 证书到 jenkins 的 cacerts 和 jdk 并提供了到 JAVA_OPTS 的 cacerts 路径,但我仍然得到低于例外
hudson.PluginManager#doCheckUpdatesServer: Error checking update sites for 1 attempt(s). Last exception was: SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
下面是我的合成文件
version: '3.7'
services:
jenkins:
image: jenkins/jenkins:lts-jdk11
privileged: true
user: root
environment:
JAVA_OPTS: -Djavax.net.ssl.trustStore=/var/jenkins_home/keystore/cacerts -Dhudson.model.UpdateCenter.pluginDownloadReadTimeoutSeconds=120
ports:
- 8080:8080
- 50000:50000
volumes:
- jenkins_home:/var/jenkins_home
volumes:
jenkins_home:
添加到 cacerts 的证书
root@**************:/# keytool -list -v -keystore $JENKINS_HOME/keystore/cacerts | grep jenkins
Enter keystore password: **************
Alias name: https://repo.jenkins-ci.org
Owner: CN=repo.jenkins-ci.org
DNSName: repo.jenkins-ci.org
Alias name: https://updates.jenkins-ci.org/
Owner: CN=updates.jenkins-ci.org
DNSName: updates.jenkins-ci.org
Alias name: https://updates.jenkins.io/
Owner: CN=updates.jenkins.io
DNSName: updates.jenkins.io
Alias name: https://www.jenkins.io/
Owner: CN=jenkins.io
DNSName: jenkins.io
root@**************:/#
我哪里错了?
错误消息指出,TLS 客户端无法找到从服务器在 TLS 握手期间提供的 X.509 证书到信任库中任何 X.509 证书的路径。要么你在那里遗漏了一些东西,要么你没有使用你认为你正在使用的信任库。您可以检查 -Djavax.net.debug=ssl,handshake.