Issue
-
After upgrade CloudBees CI to version 2.289.2.2 until the corrected version (2.346.1.4) using RPM, the service fails to start, and the Jenkins logs shows the following:
java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory
[...]
Caused by: java.io.IOException: keystore password was incorrect
Resolution
This issue is resolved in 2.346.1.4.
Explanation
Any installation or upgrade to CloudBees CI on traditional platforms 2.289.2.2 up till 2.346.1.4 using RPM fails in case a JENKINS_HTTPS_KEYSTORE_PASSWORD is used in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc]. For example:
JENKINS_HTTPS_KEYSTORE_PASSWORD="changeit"
The value was not correctly interpreted by the script that executes the java command, which caused the Keystore password to be wrong.
Related Issue(s)
-
BEE-7171: Unable to correctly read JENKINS_HTTPS_KEYSTORE_PASSWORD from systemd config file
Workaround / Resolution
Until you are able to upgrade to 2.346.1.4, the workaround is to leave the JENKINS_HTTPS_KEYSTORE_PASSWORD empty in the configuration file /etc/sysconfig/cloudbees-core-[cm|oc] and add the password as a Jenkins option --httpsKeyStorePassword in JENKINS_ARGS.
Remove the Keystore Password from the JENKINS_HTTPS_KEYSTORE_PASSWORD in the Configuration File
-
Edit the
/etc/sysconfig/cloudbees-core-cmon the Controller host (or/etc/sysconfig/cloudbees-core-ocfor Operations Center) -
Locate the line where the
JENKINS_HTTPS_KEYSTORE_PASSWORD=...is set:JENKINS_HTTPS_KEYSTORE_PASSWORD="<keystorePassword>"
-
Leave it empty:
JENKINS_HTTPS_KEYSTORE_PASSWORD=""
Add the Keystore Password as a Jenkins argument to JENKINS_ARGS in the Configuration File
-
Locate the line where the
JENKINS_ARGS=...is set:JENKINS_ARGS=""
-
Add the option
--httpsKeyStorePasswordwith the password:JENKINS_ARGS="--httpsKeyStorePassword=<keystorePassword>"
Restart the service
systemctl restart cloudbees-core-[cm|oc]