Not able to update jenkins plugins

ShaikhMJAM · July 2, 2024, 9:58am

Hello all
I am using Jenkins 2.452.2 which is a latest version and java 17.0.10. Everything was working fine but from last 2 week whenever I am trying to install any plugins or update the plugins I am getting error

‘sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:148)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:129)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1335)
Caused: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1351)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1226)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1169)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:426)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:589)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:187)
at java.base/sun.net.www.protocol.http.HttpURLConnection.followRedirect0(HttpURLConnection.java:2944)
at java.base/sun.net.www.protocol.http.HttpURLConnection.followRedirect(HttpURLConnection.java:2853)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1949)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1611)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:224)
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1323)
Caused: java.io.IOException: Failed to load https://updates.jenkins.io/download/plugins/javadoc/243.vb_b_503b_b_45537/javadoc.hpi to /var/lib/jenkins/plugins/javadoc.jpi.tmp
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1334)
Caused: java.io.IOException: Failed to download from https://updates.jenkins.io/download/plugins/javadoc/243.vb_b_503b_b_45537/javadoc.hpi (redirected to: https://mirrors.in.sahilister.net/jenkins/plugins/javadoc/243.vb_b_503b_b_45537/javadoc.hpi)
at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:1368)
at hudson.model.UpdateCenter$DownloadJob._run(UpdateCenter.java:1925)
at hudson.model.UpdateCenter$InstallationJob._run(UpdateCenter.java:2237)
at hudson.model.UpdateCenter$DownloadJob.run(UpdateCenter.java:1899)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at hudson.remoting.AtmostOneThreadExecutor$Worker.run(AtmostOneThreadExecutor.java:121)
at java.base/java.lang.Thread.run(Thread.java:840)’

please someone help me with any solution

mushon-okami · July 3, 2024, 8:37am

few options

Update JRE

The error sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target during Jenkins plugin updates can often be resolved by updating the Java Runtime Environment (JRE). This ensures that the latest security certificates are available.

Update Jenkins Update Center URL

Another potential issue could be an outdated URL for the Jenkins update center. You can try updating the URL in the hudson.model.UpdateCenter.xml file to http://updates.jenkins-ci.org/update-center.json.

Install CA Certificates

If the issue is related to certificate errors, you can try installing the CA certificates using the following command:

sudo yum install -y ca-certificates

Alternatively, if you are downloading plugins manually, you can use the --no-check-certificate option to download insecurely.

Verify Java Properties and Environment Variables

Ensure that Java properties are correctly set. Java properties are case-sensitive, so make sure you are using -Djava.net.ssl.trustStore instead of -DJava.net.ssl.trustStore. Also, verify that $JENKINS_HOME is correctly set and is different from $JAVA_HOME.

Modify jenkins-runner.sh Script

If Jenkins is using a test site certificate, the issue might be related to the jenkins-runner.sh script not passing the httpsPrivateKey and httpsCertificate variables from the plist file to the command line used to launch Jenkins. You can add the following lines to jenkins-runner.sh to fix it:

check also Okami: Seek How Know Now it might give you more info

Topic		Replies	Views
Problems with plugin updates Using Jenkins question	2	2779	September 7, 2023
Unable to install Jenkins Plugins Community question	1	130	September 30, 2024
Unable to install Jenkins Plugin after upgrading the jenkins version to 2.455 Using Jenkins question	1	283	May 6, 2024
Jenkins sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Ask a question	2	4421	October 7, 2022
Cannot install Jenkins plugins on Windows Ask a question	3	2119	December 6, 2022

Not able to update jenkins plugins

Related topics