[] Upgrade/Installation to on CloudBees CI on Traditional through .rpm fails on startup if JENKINS_HTTPS_KEYSTORE_PASSWORD is set

Article ID:4404260750619
1 minute readKnowledge base


  • After upgrade CloudBees CI to version until the corrected version (2.346.1.4) using RPM, the service fails to start, and the Jenkins logs shows the following:

java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory
Caused by: java.io.IOException: keystore password was incorrect


This issue is resolved in 2.346.1.4.


Any installation or upgrade to CloudBees CI on traditional platforms up till 2.346.1.4 using RPM fails in case a JENKINS_HTTPS_KEYSTORE_PASSWORD is used in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc]. For example:


The value was not correctly interpreted by the script that executes the java command, which caused the Keystore password to be wrong.

  • BEE-7171: Unable to correctly read JENKINS_HTTPS_KEYSTORE_PASSWORD from systemd config file

Workaround / Resolution

Until you are able to upgrade to 2.346.1.4, the workaround is to leave the JENKINS_HTTPS_KEYSTORE_PASSWORD empty in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc] and add the password as a Jenkins option --httpsKeyStorePassword in JENKINS_ARGS.

Remove the Keystore Password from the JENKINS_HTTPS_KEYSTORE_PASSWORD in the Configuration File

  • Edit the /etc/sysconfig/cloudbees-core-cm on the Controller host (or /etc/sysconfig/cloudbees-core-oc for Operations Center)

  • Locate the line where the JENKINS_HTTPS_KEYSTORE_PASSWORD=... is set:

  • Leave it empty:


Add the Keystore Password as a Jenkins argument to JENKINS_ARGS in the Configuration File

  • Locate the line where the JENKINS_ARGS=... is set:

  • Add the option --httpsKeyStorePassword with the password:


Restart the service

systemctl restart cloudbees-core-[cm|oc]