Search code examples
dockerjenkinsssl-certificateslackkeytool

Error posting to Slack - Docker jenkins unable to find valid certificate

My jenkins is running through docker-compose (Hosted as per this Link). I am trying to integrate jenkins with slack throughSlack Notification Plugin -2.45. Below is the snapshot of my slack configuration enabled in jenkins.

Jenkins Slack Configuration

Test Connection always returns Failure. Below ssl certificate error found in Jenkins System Log section.

Error posting to Slack
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
    at sun.security.validator.Validator.validate(Validator.java:262)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
Caused: javax.net.ssl.SSLHandshakeException

My docker-container image is having below java version

# docker exec -it jenkins java -version
openjdk version "1.8.0_242"
OpenJDK Runtime Environment (build 1.8.0_242-b08)
OpenJDK 64-Bit Server VM (build 25.242-b08, mixed mode)

I have no problem in installing new plugins from Plugin Manager with https protocol.

To fix the certificate error i have changed https://updates.jenkins.io/update-center.json to http but still same problem persists.

Our Network proxy team confirmed that access to slack.com:443 already allowed.

How do i resolve this issue in my docker-jenkins? any pointer would be helpful.

Solution

  • Created dockerfile with COPY ./cacerts /usr/local/openjdk-8/jre/lib/security/ command, Now Jenkins and Slack connection works.