3

We are getting an error "Unable to connect to GitHub API: org.kohsuke.github.HttpException: Server returned HTTP response code: -1, message: 'null' for URL: https://github.xxx.com/api/v3/user" when trying to use github pull request builder in jenkins

Kalaiyarasan
  • 267
  • 3
  • 6
  • 13

3 Answers3

1

You may need to add your Certificate Authority cert to the java keytool.

If you look in your jenkins log and find something like this:

org.kohsuke.github.HttpException: Server returned HTTP response code: -1, message: 'null' for URL: https://github.xxx.com/api/v3/user

Scroll down and see if there is a line like this:

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This error is saying that the SSL handshake failed with something about the PKIX path/certpath. Try adding your CA Cert to the keytool and restarting Jenkins to see if that helps.

Here's the post that helped me modify the java certs with the keytool. (the default keytool password is "changeit")

Jeremiah Jordan
  • 11
  • 1
1

You can also try installing the skip certificate check plugin, in plugin manager.

dgedeon
  • 11
  • 2
0

it seems your java cacerts is not having correct certificate for your git URL. you may try following steps.

Step 1 : Get root certificate of https://www.google.com

  1. Open https://www.google.com in a chrome browser.
  2. Select Inspect from context menu(right clicking on page) and navigate to security tab
  3. Click on view certificates
  4. Click on top most certificate on hierarchy and confirm it is tailed with Root CA phrase.
  5. drag and drop that image which you saw written certificate on desktop.

Thats it! you got your root certificate!

Step 2 : install certificate to your java cacerts

please verify you have system variable JAVA_HOME declared and you will perform these steps on that jre cacerts only!

  1. Navigate to cacerts by JAVA_HOME/jre/lib/security/cacerts
  2. Download and install keytool explorer it is available for all platforms
  3. open cacerts in that tool and import cetificate by "import trusted certificate" button.
  4. Save your changes (you may come across issue if it is mac and you do not have write access!)

Step 3 : Restart jenkins

You should not get ssl handshake problem now onwards.

positivecrux
  • 1,307
  • 2
  • 16
  • 35