Jenkins安装后,安装插件失败。报错SunCertPathBuilderException

Jenkins(2020年及以后版本,2.260以上)安装后,插件下载时失败,

网上找了各种解决方法,修改jenkins插件的下载源地址:找到菜单Manage Jenkins → Manage Plugins → Advanced → Update Site,

把URL改为https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json

或把默认地址https://updates.jenkins.io/update-center.json的https改为http再重启。

我把这些方法都试了以后,下载插件还是报错,心拨凉拨凉的。学技术的都最怕遇到环境问题,一个小环境问题可能要倒腾好几天。

嘿嘿,在我刚要选择投降放弃时,柳暗花明又一村,摸索到了以下Jenkins安装插件失败的另一种解决方法。

(Update Site的默认URL不需要动)

 

解决方案:

1.先编译如下文件InstallCert.java
   命令:javac InstallCert.java;
2.再运行InstallCert类,命令:java InstallCert <hostname>;出现提示后按1,回车。会生成jssecacerts 文件。
   PS:此处hostname 为 mirrors.tuna.tsinghua.edu.cn,国内jenkins下载插件的地址会重定向到清华大学提供的镜像文件库。
3.然后将生成的 jssecacerts 文件,拷贝到jdk中,目录位置:%JAVA_HOME%\jre\lib\security 
(例如 D:\Program Files\Java\jdk1.8.0_71\jre\lib\security)
![](https://img2020.cnblogs.com/blog/2022453/202012/2022453-20201203114222282-1291964264.png)
4.最后重新启动jenkins,证书才能生效。

文件:InstallCert.java
  1 /*
  2  * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.
  3  *
  4  * Redistribution and use in source and binary forms, with or without
  5  * modification, are permitted provided that the following conditions
  6  * are met:
  7  *
  8  *   - Redistributions of source code must retain the above copyright
  9  *     notice, this list of conditions and the following disclaimer.
 10  *
 11  *   - Redistributions in binary form must reproduce the above copyright
 12  *     notice, this list of conditions and the following disclaimer in the
 13  *     documentation and/or other materials provided with the distribution.
 14  *
 15  *   - Neither the name of Sun Microsystems nor the names of its
 16  *     contributors may be used to endorse or promote products derived
 17  *     from this software without specific prior written permission.
 18  *
 19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 20  * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 21  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 23  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 24  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 25  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 26  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 27  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 28  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 29  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 30  */
 31 
 32 import java.io.BufferedReader;
 33 import java.io.File;
 34 import java.io.FileInputStream;
 35 import java.io.FileOutputStream;
 36 import java.io.InputStream;
 37 import java.io.InputStreamReader;
 38 import java.io.OutputStream;
 39 import java.security.KeyStore;
 40 import java.security.MessageDigest;
 41 import java.security.cert.CertificateException;
 42 import java.security.cert.X509Certificate;
 43 
 44 import javax.net.ssl.SSLContext;
 45 import javax.net.ssl.SSLException;
 46 import javax.net.ssl.SSLSocket;
 47 import javax.net.ssl.SSLSocketFactory;
 48 import javax.net.ssl.TrustManager;
 49 import javax.net.ssl.TrustManagerFactory;
 50 import javax.net.ssl.X509TrustManager;
 51 
 52 public class InstallCert {
 53 
 54     public static void main(String[] args) throws Exception {
 55         String host;
 56         int port;
 57         char[] passphrase;
 58         if ((args.length == 1) || (args.length == 2)) {
 59             String[] c = args[0].split(":");
 60             host = c[0];
 61             port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
 62             String p = (args.length == 1) ? "changeit" : args[1];
 63             passphrase = p.toCharArray();
 64         } else {
 65             System.out
 66                     .println("Usage: java InstallCert <host>[:port] [passphrase]");
 67             return;
 68         }
 69 
 70         File file = new File("jssecacerts");
 71         if (file.isFile() == false) {
 72             char SEP = File.separatorChar;
 73             File dir = new File(System.getProperty("java.home") + SEP + "lib"
 74                     + SEP + "security");
 75             file = new File(dir, "jssecacerts");
 76             if (file.isFile() == false) {
 77                 file = new File(dir, "cacerts");
 78             }
 79         }
 80         System.out.println("Loading KeyStore " + file + "...");
 81         InputStream in = new FileInputStream(file);
 82         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
 83         ks.load(in, passphrase);
 84         in.close();
 85 
 86         SSLContext context = SSLContext.getInstance("TLS");
 87         TrustManagerFactory tmf = TrustManagerFactory
 88                 .getInstance(TrustManagerFactory.getDefaultAlgorithm());
 89         tmf.init(ks);
 90         X509TrustManager defaultTrustManager = (X509TrustManager) tmf
 91                 .getTrustManagers()[0];
 92         SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
 93         context.init(null, new TrustManager[] { tm }, null);
 94         SSLSocketFactory factory = context.getSocketFactory();
 95 
 96         System.out
 97                 .println("Opening connection to " + host + ":" + port + "...");
 98         SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
 99         socket.setSoTimeout(10000);
100         try {
101             System.out.println("Starting SSL handshake...");
102             socket.startHandshake();
103             socket.close();
104             System.out.println();
105             System.out.println("No errors, certificate is already trusted");
106         } catch (SSLException e) {
107             System.out.println();
108             e.printStackTrace(System.out);
109         }
110 
111         X509Certificate[] chain = tm.chain;
112         if (chain == null) {
113             System.out.println("Could not obtain server certificate chain");
114             return;
115         }
116 
117         BufferedReader reader = new BufferedReader(new InputStreamReader(
118                 System.in));
119 
120         System.out.println();
121         System.out.println("Server sent " + chain.length + " certificate(s):");
122         System.out.println();
123         MessageDigest sha1 = MessageDigest.getInstance("SHA1");
124         MessageDigest md5 = MessageDigest.getInstance("MD5");
125         for (int i = 0; i < chain.length; i++) {
126             X509Certificate cert = chain[i];
127             System.out.println(" " + (i + 1) + " Subject "
128                     + cert.getSubjectDN());
129             System.out.println("   Issuer  " + cert.getIssuerDN());
130             sha1.update(cert.getEncoded());
131             System.out.println("   sha1    " + toHexString(sha1.digest()));
132             md5.update(cert.getEncoded());
133             System.out.println("   md5     " + toHexString(md5.digest()));
134             System.out.println();
135         }
136 
137         System.out
138                 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
139         String line = reader.readLine().trim();
140         int k;
141         try {
142             k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
143         } catch (NumberFormatException e) {
144             System.out.println("KeyStore not changed");
145             return;
146         }
147 
148         X509Certificate cert = chain[k];
149         String alias = host + "-" + (k + 1);
150         ks.setCertificateEntry(alias, cert);
151 
152         OutputStream out = new FileOutputStream("jssecacerts");
153         ks.store(out, passphrase);
154         out.close();
155 
156         System.out.println();
157         System.out.println(cert);
158         System.out.println();
159         System.out
160                 .println("Added certificate to keystore 'jssecacerts' using alias '"
161                         + alias + "'");
162     }
163 
164     private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();
165 
166     private static String toHexString(byte[] bytes) {
167         StringBuilder sb = new StringBuilder(bytes.length * 3);
168         for (int b : bytes) {
169             b &= 0xff;
170             sb.append(HEXDIGITS[b >> 4]);
171             sb.append(HEXDIGITS[b & 15]);
172             sb.append(' ');
173         }
174         return sb.toString();
175     }
176 
177     private static class SavingTrustManager implements X509TrustManager {
178 
179         private final X509TrustManager tm;
180         private X509Certificate[] chain;
181 
182         SavingTrustManager(X509TrustManager tm) {
183             this.tm = tm;
184         }
185 
186         public X509Certificate[] getAcceptedIssuers() {
187             throw new UnsupportedOperationException();
188         }
189 
190         public void checkClientTrusted(X509Certificate[] chain, String authType)
191                 throws CertificateException {
192             throw new UnsupportedOperationException();
193         }
194 
195         public void checkServerTrusted(X509Certificate[] chain, String authType)
196                 throws CertificateException {
197             this.chain = chain;
198             tm.checkServerTrusted(chain, authType);
199         }
200     }
201 
202 }
View Code

 

Type) throws CertificateException { this.chain = chain; tm.checkServerTrusted(chain, authType); } } }

PS:尝遍了各种解决方法后,总有一款适合你(嘻嘻)。

​ 要是电脑的jenkins实在太难搞,不嫌麻烦的话,手动下载jenkins插件咯,再拷贝到目录 *C:\Users\Administrator.jenkins\plugins* (其实报错信息中含有对应的插件地址)

原文地址https://www.cnblogs.com/birdUncle/p/13789230.html

posted @ 2021-09-06 10:29  鹿先森丶  阅读(263)  评论(0编辑  收藏  举报