Cannot login to Jenkins using OpenShift 4 OAuth
Issue
- Logging into Jenkins using OpenShift OAuth and a custom PKI fails. Below are logs pulled from Jenkins Pod:
2020-01-30 01:35:41.488+0000 [id=12] INFO o.o.j.p.o.OpenShiftOAuth2SecurityRealm#populateDefaults: OpenShift OAuth: provider: OpenShiftProviderInfo: issuer: https://oauth-openshift.apps.openshift.example.com auth ep: https://oauth-openshift.apps.openshift.example.com/oauth/authorize token ep: https://oauth-openshift.apps.openshift.example.com/oauth/token
2020-01-30 01:35:41.489+0000 [id=12] INFO o.o.j.p.o.OpenShiftOAuth2SecurityRealm#useProviderOAuthEndpoint: OpenShift OAuth server is 4.x, specifically OpenShiftVersionInfo: major: 1 minor: 14+ gitVersion: v1.14.6+8bbaf43
2020-01-30 01:35:41.490+0000 [id=12] INFO o.o.j.p.o.OpenShiftOAuth2SecurityRealm#initializeHttpsProxyAuthenticator: Checking if HTTPS proxy initialization is required ...
2020-01-30 01:35:41.501+0000 [id=12] INFO o.o.j.p.o.OpenShiftOAuth2SecurityRealm#transportToUse: OpenShift OAuth got an SSL error when accessing the issuer's token endpoint when using the SA certificate
2020-01-30 01:35:41.510+0000 [id=12] INFO o.o.j.p.o.OpenShiftOAuth2SecurityRealm#transportToUse: OpenShift OAuth provider token endpoint failed unexpectedly using the JVMs default keystore
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
Environment
- Red Hat OpenShift Container Platform
- 4.2
- 4.3
- 4.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.