-
Notifications
You must be signed in to change notification settings - Fork 143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Checking Ignore unverified SSL certificates does not actually ignore #13
Comments
…Stash. Previously would still throw SSLPeerUnveritifiedException even when checked so replaced SSLContext and UnsafeX509TrustManager with TrustStrategy as advised on the following StackOverflow link: http://stackoverflow.com/questions/9101763/sslpeerunverifiedexception-with-httpclient
Hello, we had the same problem... debugging the plugin on a actual jenkins i found out, that the instance variables (private final String stashServerBaseUrl etc..) where always null... So for some reason: @DataBoundConstructor was not doing its Job and setting the properties... only explanation for me was, that Jenkins is setting the Properties by Reflection somhow ... an then the problem was: if (!ignoreUnverifiedSSL) { never went into the case "https" As quick and dirty solution we builded our own patched Plugin with all the Instance Variable Settings hard coded and made final Was there a change in the jenkins plugin configuration api latly? Best regards and thank you for the development of the great plugin Daniel |
Hi, noticed two points:
Anyhow, thanks for this helpful plugin! Regards Theresa Edit: Added changes as pull request ;) |
… check If no configuration for repository was set use global Stash URL to check whether HTTPS should be used.
…d values in global configuration
When this fix is going to get into Jenkins plugin repo? |
is there a plan to release a version of the plugin with this fix? |
I've just distributed a Snapshot version to to more devs with the same problem to confirm the fix works. I plan to release ASAP after the confirmation (can't test myself, currently). Hang in there |
I'm trying to create a setup with an unverified SSL certificate. Stash is now up and running. I can clone a repo using https on the command line. I was not able to get it running in Jenkins though. When trying to configure the git repo url, I got a "Invalid certificate chain" error. Can s.o. please give me a hint as to what needs to be done here? Are you cloning via ssh or https? Did you have to configure Jenkins to make this work? |
Changes are included in release 1.7. |
…ushes to Stash. Previously would still throw SSLPeerUnveritifiedException even when checked so replaced SSLContext and UnsafeX509TrustManager with TrustStrategy as advised on the following StackOverflow link: http://stackoverflow.com/questions/9101763/sslpeerunverifiedexception-with-httpclient
… check If no configuration for repository was set use global Stash URL to check whether HTTPS should be used.
…d values in global configuration
Even though I have 'Ignore unverified SLL certificates' I still get the message:
'SSLPeerUnverifiedException caught while notifying Stash. Make sure your SSL certificate on your Stash server is valid or check the 'Ignore unverifiable SSL certificate' checkbox in the Stash plugin configuration of this job.' in my console output.
The text was updated successfully, but these errors were encountered: