Jenkins unable to connect to ldaps://server

2
votes

I'm trying to connect Jenkins to a LDAP server. I set the configuration on Jenkins, but i get his message:

Unable to connect to ldaps://ldap.my.server.com : javax.naming.CommunicationException: simple bind failed: ldap.my.server.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

I know is because my SSL cert is self signed, but, is there any way that i can just ignore this in jenkins?

2
javassljenkinsldap

2 Answers

1
votes

Your truststore doesn't trust the server certificate. If it's self-signed you'll need to export it from the server and import it into your client truststore. Better still, get it signed.

0
votes

Have you considered skipping certificate validation altogether? Here's a piece of code I found some time ago while wrapping my head around the same problem:

public static void trustSelfSignedSSL() {
    try {
        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {

            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        ctx.init(null, new TrustManager[] { tm }, null);
        SSLContext.setDefault(ctx);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }

Hope this will help