Issue
-
After upgrade CloudBees CI to version 2.289.2.2 until the corrected version (2.346.1.4) using RPM, the service fails to start, and the Jenkins logs shows the following:
java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory [...] Caused by: java.io.IOException: keystore password was incorrect
Resolution
This issue is resolved in 2.346.1.4.
Explanation
Any installation or upgrade to CloudBees CI on traditional platforms 2.289.2.2
up till 2.346.1.4 using RPM fails in case a JENKINS_HTTPS_KEYSTORE_PASSWORD
is used in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc]
. For example:
JENKINS_HTTPS_KEYSTORE_PASSWORD="changeit"
The value was not correctly interpreted by the script that executes the java command, which caused the Keystore password to be wrong.
Related Issue(s)
-
BEE-7171: Unable to correctly read JENKINS_HTTPS_KEYSTORE_PASSWORD from systemd config file
Workaround / Resolution
Until you are able to upgrade to 2.346.1.4, the workaround is to leave the JENKINS_HTTPS_KEYSTORE_PASSWORD
empty in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc]
and add the password as a Jenkins option --httpsKeyStorePassword
in JENKINS_ARGS
.
Remove the Keystore Password from the JENKINS_HTTPS_KEYSTORE_PASSWORD
in the Configuration File
-
Edit the
/etc/sysconfig/cloudbees-core-cm
on the Controller host (or/etc/sysconfig/cloudbees-core-oc
for Operations Center) -
Locate the line where the
JENKINS_HTTPS_KEYSTORE_PASSWORD=...
is set:JENKINS_HTTPS_KEYSTORE_PASSWORD="<keystorePassword>"
-
Leave it empty:
JENKINS_HTTPS_KEYSTORE_PASSWORD=""
Add the Keystore Password as a Jenkins argument to JENKINS_ARGS
in the Configuration File
-
Locate the line where the
JENKINS_ARGS=...
is set:JENKINS_ARGS=""
-
Add the option
--httpsKeyStorePassword
with the password:JENKINS_ARGS="--httpsKeyStorePassword=<keystorePassword>"
Restart the service
systemctl restart cloudbees-core-[cm|oc]