Invalid or corrupt jar file when remote trigger is executed

Using Jenkins Ask a question
1

Jenkins setup: I have a Jenkins setup with docker environment which uses organization proxy. I am trying to remote trigger a job in another jenkins using cli jar file.

The problem is sometimes the job doesn’t trigger properly saying corrupt jar file. However the next triggers are executed successfully without any issues. I’m unable to share the logs due to log rotation.

Additionally when i try to execute any commands using cli jar file it throws handshake error.
For eg:
java -jar jenkins-cli.jar -s https://<jenkins_url>/ -auth user_name:apitoken version
CLI handshake failed with status code 401
Cache-Control: must-revalidate, no-cache, no-store
Content-Length: 459
Content-Type: text/html;charset=iso-8859-1
Date: Tue, 17 Jun 2025 05:13:50 GMT
Server: Jetty(12.0.19)
Set-Cookie: remember-me=; Path=/RBEI_test; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0
Www-Authenticate: Basic realm=“Jenkins”
X-Content-Type-Options: nosniff

2

It sounds like you’re running into two separate but related issues:

  1. A possibly corrupted jenkins-cli.jar, and
  2. A 401 error during the CLI handshake, which usually points to an authentication problem.

Let’s walk through a few things that might help:

:hammer_and_wrench: 1. Try downloading a fresh jenkins-cli.jar

In many cases, the CLI jar gets corrupted when it’s cached by a proxy or if the download was interrupted. Just to be safe, it might be worth grabbing a clean copy directly from your Jenkins instance each time:

wget https://<jenkins_url>/jnlpJars/jenkins-cli.jar -O jenkins-cli.jar

If possible, try bypassing any proxy when downloading it, especially if you’ve seen issues with stale or partial files before.

:locked_with_key: 2. Check authentication details (the 401 error)

That 401 usually means Jenkins is rejecting the credentials. A few things you could double-check:

  • Make sure the username and API token are correct.

  • If you’re using the -auth option, one approach is to put your credentials in a file like this:

    user:apitoken

    And then use:

    java -jar jenkins-cli.jar -s https://<jenkins_url> -auth @/path/to/creds.txt ...

  • Also, make sure there’s no trailing slash after / in the -s URL. It seems minor, but it can trip things up.

:globe_with_meridians: 3. If you’re behind a proxy or reverse proxy…

You might want to make sure that no authentication headers are being stripped or altered. This can sometimes happen with reverse proxy setups like Nginx or Apache.

:white_check_mark: Summary

  • Re-download the CLI jar fresh (and avoid proxy caching).
  • Double-check your credentials and try the file-based -auth approach.
  • Watch for proxy-related hiccups.

These steps usually help clear up the kinds of issues you’re seeing.