Artifactory SSL /TeamCity Plugin

0
votes

We recently were mandated to make our console access for TeamCity and Artifactory to use https. Both products are on a single Windows 10 desktop. We imported a signed CA for the machine and both Artifactory and TeamCity login works fine with SSL and certs are working, browser satisfied.

However, when I set the same Artifactory SSL URL in the TeamCity console under integrated Artifactory server URL configuration and hit the test connection it fails with the error below. We've imported the root certs and all needed in cert chain but still no go. TeamCity support says this is in JFrog code. Any ideas? I really need to turn off the non SSL port but can't until I have this resolved....thanks.

Error: Error occurred while requesting version information: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (javax.net.ssl.SSLHandshakeException)

1
artifactory
Surely someone from JFrog knows how to get this working. This question was posed 3 weeks ago....does Artifactory need the certificate imported somewhere else? - dljohnson69

1 Answers

0
votes

The issue is Teamcity does not have the certificate in its Trusted list of certificates. Teamcity comes with it's own java and therefore the cacerts file is located under /jre/lib/security/cacerts .

To add the certificate you will need to run keytool.exe located in your JDK\bin folder.

keytool.exe -importcert -file "C:\artifactory-oss-6.1.0\Artifactory.crt" -trustcacerts -keystore "C:\TeamCity\jre\lib\security\caserts"

The following will gives advice on how to setup SSL in Artifactory for anyone looking Putting Artifactory behind SSL .

Also I had to clear my cache as I was getting authentication issues when testing Teamcity connection to Artifactory.