0

I have a job that Sends Notification On success or On failure. It uses the Webhook option. The webhook is a Rundeck API that executes a job. Here is my notification setup

I've check on the rundeck.log. It has the following error:

ERROR services.NotificationService [quartzScheduler_Worker-6] - Notification failed [onsuccess,succeeded,238621]; URL https://client-dns/api/33/job/cd3b3a1b-90c9-4c99-bf29-46c5aad1b4ff/run?authtoken=6XpW50hvZoPUTtlwucKGJ7ERKOxeJCTR&option.rd_exec_id=238621: Unable to POST notification after 1 tries: success for execution 238621 (succeeded): Error making request: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How can I fix this issue? I have already a certificate but how can I tell rundeck to use it. Thank in advance to those who'll help me.

roboragi
  • 75
  • 1
  • 1
  • 5

1 Answers1

0

You need to add the webhook service certificate to the Java cacert to make recognizable by Rundeck. Alternatively, if you are using Rundeck over SSL, you can add that certificate to Rundeck truststore file in the following way:

  1. Stop the Rundeck Service.

  2. Extract the service certificate:

echo -n | openssl s_client -connect your_service_host:your_service_port > cert.out

  1. Add it to your Rundeck truststore file:

keytool -importcert -trustcacerts -file certs.out -alias my_service -keystore your/path/to/rundeck/truststore

  1. Start Rundeck service.
MegaDrive68k
  • 3,768
  • 2
  • 9
  • 51
  • Hi, I'm using Rundeck Over SSL. I've already imported the cert to my trust store. I've used this command from the guide I'm following: "keytool -import -alias ca -file /etc/rundeck/ssl/lab-ca-der.cer -keystore /etc/rundeck/ssl/ca -storepass password". Does the naming of the truststore important? Because in the guide I've been following they renamed it to ca and I've done that too. – roboragi Oct 27 '20 at 01:42
  • I have fixed the issue already. I did the first one which is imported my certificate in java cacerts and now the webhook is working. – roboragi Oct 27 '20 at 03:52