Geek Answers Handbook

Running Jenkins Firmware

When starting a slave agent from a slave using the option "Launch agent from a browser on a slave", it does not work. It opens a window for slave-agent.jnlp and when you open it using the Java Web Start Launcher, a pop-up launch application is displayed, and then a pop-up message appears with the message "Certificate verification failed." And error information

java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: java.security.InvalidKeyException: Wrong key usage at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source) at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source) at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source) at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source) at com.sun.javaws.Launcher.prepareResources(Unknown Source) at com.sun.javaws.Launcher.prepareAllResources(Unknown Source) at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source) at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source) at com.sun.javaws.Launcher.launch(Unknown Source) at com.sun.javaws.Main.launchApp(Unknown Source) at com.sun.javaws.Main.continueInSecureThread(Unknown Source) at com.sun.javaws.Main$1.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.security.cert.CertPathValidatorException: java.security.InvalidKeyException: Wrong key usage at sun.security.provider.certpath.OCSPResponse.verifyResponse(Unknown Source) at sun.security.provider.certpath.OCSPResponse.<init>(Unknown Source) at sun.security.provider.certpath.OCSP.check(Unknown Source) at sun.security.provider.certpath.OCSP.check(Unknown Source) at com.sun.deploy.security.TrustDecider.doOCSPEEValidation(Unknown Source) ... 13 more Caused by: java.security.InvalidKeyException: Wrong key usage at java.security.Signature.initVerify(Unknown Source) ... 18 more

Where, as when I run the option "if the slave is headless", it opens the command line and shows messages about connecting to the master. The slave is also displayed online in the control panel.

The wizard is located on my local computer, and I connect to the remote computer (WinXP) via VPN, I want to use this remote as a subordinate as a Windows service, and not run the command line. Can anyone advise?

+7
source share
2 answers

After installing the Jenkins slave as a service, go to the configured "Remote root" on your slave, open the jenkins-slave.xml in a text editor, add -noCertificateCheck to the end of the <arguments> and restart the service. This should get rid of the certificate exception.

+15
source

First, select β€œJava” from the control panel. Select the Advanced tab. Spend "Security", make sure "Enable online certificate verification" and "Enable online certificate verification for publisher certificate only" are not checked.
Then run the JNLP file. You need to create a Jenkins root directory if it does not exist.
Finally, follow @sschuberth's answer.

0
source

More articles:


All Articles