0

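I'm trying to get the plugin working. SonarSource 5.6, plugin 1.2. I got an SSL error. I assume this is because the GitHub Enterprise instance has an SSL certificate issued by an internal, untrusted CA (or is simply not set up correctly). The log is copied below.

What are my options? I think: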

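  • I could download the cert via sudo docker exec <my container id> openssl s_client -connect my-sonarqube-hostname:443 -showcerts and (if I knew what I was doing) use keytool to... shove it into a store (?)
  • I could disable certificate validation, if a) I knew how, and b) I thought it was OK to risk MITM for something that contains source code (I don't)
  • I could try to understand articles like the one below, but it seems I need to compile something to get the cert and put it in the store.
  • I could get the team that owns GHE to use a real certificate
  • ...? Anything else?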

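I'm running sonarqube inside a docker container on an Amazon Linux EC2 instance - very easy to use, but hard to modify (I suppose I could pull the Dockerfile and fork it, but I suspect my problem isn't unique to our internal setup, so whatever I come up with would be worth contributing?)

Log: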

    2016.06.10 07:50:01 ERROR web[o.s.s.a.AuthenticationError] Fail to callback authentication with 'github'
    com.github.scribejava.core.exceptions.OAuthConnectionException: There was a problem while creating a connection to the remote service: https://my-github-enterprise-hostname/login/oauth/access_token?client_id=02e2f2cd8f567478c80d&client_secret=68c1ec2fe7d5c99a75e478c476965bdbefdc55dd&code=1b8c6e1323ef66e7a8f0&redirect_uri=https%3A%2F%2Fmy-sonarqube-hostname%2Foauth2%2Fcallback%2Fgithub
        at com.github.scribejava.core.model.OAuthRequest.send(OAuthRequest.java:39) ~[na:na]
        at com.github.scribejava.core.oauth.OAuth20ServiceImpl.getAccessToken(OAuth20ServiceImpl.java:36) ~[na:na]
        at org.sonarsource.auth.github.GitHubIdentityProvider.callback(GitHubIdentityProvider.java:111) ~[na:na]
        at org.sonar.server.authentication.OAuth2CallbackFilter.doFilter(OAuth2CallbackFilter.java:71) ~[sonar-server-5.6.jar:na]
        at org.sonar.server.platform.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:125) [sonar-server-5.6.jar:na]
        at org.sonar.server.platform.MasterServletFilter.doFilter(MasterServletFilter.java:94) [sonar-server-5.6.jar:na]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:59) [sonar-server-5.6.jar:na]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.sonar.server.platform.ProfilingFilter.doFilter(ProfilingFilter.java:84) [sonar-server-5.6.jar:na]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:191) [logback-access-1.1.3.jar:na]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91]
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.0.30.jar:8.0.30]
        at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91]
    Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_91]
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) ~[na:1.8.0_91]
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) ~[na:1.8.0_91]
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) ~[na:1.8.0_91]
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509) ~[na:1.8.0_91]
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[na:1.8.0_91]
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[na:1.8.0_91]
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[na:1.8.0_91]
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[na:1.8.0_91]
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_91]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[na:1.8.0_91]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[na:1.8.0_91]
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[na:1.8.0_91]
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[na:1.8.0_91]
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) ~[na:1.8.0_91]
        at com.github.scribejava.core.model.Response.<init>(Response.java:30) ~[na:na]
        at com.github.scribejava.core.model.OAuthRequest.doSend(OAuthRequest.java:57) ~[na:na]
        at com.github.scribejava.core.model.OAuthRequest.send(OAuthRequest.java:37) ~[na:na]
        ... 28 common frames omitted
    Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) ~[na:1.8.0_91]
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[na:1.8.0_91]
        at sun.security.validator.Validator.validate(Validator.java:260) ~[na:1.8.0_91]
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[na:1.8.0_91]
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:1.8.0_91]
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[na:1.8.0_91]
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491) ~[na:1.8.0_91]
        ... 41 common frames omitted
    Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[na:1.8.0_91]
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[na:1.8.0_91]
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[na:1.8.0_91]
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) ~[na:1.8.0_91]
        ... 47 common frames omitted
4

2 Answers

2

I did:

    #!/bin/bash
    HOST=my-github-hostname
    PORT=443
    KEYSTOREFILE=/etc/ssl/certs/java/cacerts
    KEYSTOREPASS=changeit

    # get the SSL certificate
    openssl s_client -connect "${HOST}:${PORT}" </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > "${HOST}.cert"

    # copy it into the running docker container
    sudo docker cp "${HOST}.cert" "sonarqube-web:/opt/sonarqube/${HOST}.cert"

    # import certificate into the container's keystore
    sudo docker exec sonarqube-web keytool -import -noprompt -trustcacerts -alias "${HOST}" -file "/opt/sonarqube/${HOST}.cert" -keystore "${KEYSTOREFILE}" -storepass "${KEYSTOREPASS}"

    # verify we've got it.
    sudo docker exec sonarqube-web keytool -list -v -keystore "${KEYSTOREFILE}" -storepass "${KEYSTOREPASS}" -alias "${HOST}"

    exit 0

I think modifying a running docker container is probably something that will burn me, but OTOH the instance fetches a fresh copy of the certificate every time it bootstraps, so...

answered 2016-06-14T23:01:55.027
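
The script in the answer above trusts whatever certificate the host presents at fetch time, which is the MITM exposure the question wanted to avoid. The following is an added example, not part of the original answer: it imports the certificate only if its SHA-256 fingerprint matches one obtained out-of-band (for example from the team that owns GHE). The function names and the expected-fingerprint argument are assumptions; the `/opt/sonarqube` path comes from the answer.

```shell
#!/bin/bash
# Added example: pin the fetched certificate to a known fingerprint
# before it goes into the Java truststore.

# Print only the first PEM certificate (the leaf) found on stdin.
extract_leaf_pem() {
    awk '/-BEGIN CERTIFICATE-/ {on=1}
         on {print}
         /-END CERTIFICATE-/ {if (on) exit}'
}

# Normalise a fingerprint: drop any "label=" prefix, colons, spaces; lowercase.
normalise_fp() {
    printf '%s' "$1" | sed -e 's/^.*=//' | tr -d ': \n' | tr 'A-F' 'a-f'
}

# Succeed only if the first value is 64 hex digits (SHA-256) and equals the second.
fingerprints_match() {
    local a b
    a=$(normalise_fp "$1"); b=$(normalise_fp "$2")
    case "$a" in *[!0-9a-f]*|'') return 1 ;; esac
    [ "${#a}" -eq 64 ] && [ "$a" = "$b" ]
}

# fetch_and_import HOST PORT EXPECTED_FP CONTAINER KEYSTORE STOREPASS
# EXPECTED_FP is an assumption: a SHA-256 fingerprint received out-of-band.
fetch_and_import() {
    local host=$1 port=$2 expected=$3 container=$4 keystore=$5 pass=$6 actual
    openssl s_client -connect "${host}:${port}" -servername "${host}" \
        </dev/null 2>/dev/null | extract_leaf_pem > "${host}.cert"
    actual=$(openssl x509 -in "${host}.cert" -noout -fingerprint -sha256) || return 1
    if ! fingerprints_match "$expected" "$actual"; then
        echo "fingerprint mismatch for ${host}: got ${actual}" >&2
        rm -f "${host}.cert"
        return 1   # refuse to import an unverified certificate
    fi
    sudo docker cp "${host}.cert" "${container}:/opt/sonarqube/${host}.cert" &&
    sudo docker exec "${container}" keytool -import -noprompt -trustcacerts \
        -alias "${host}" -file "/opt/sonarqube/${host}.cert" \
        -keystore "${keystore}" -storepass "${pass}"
}
```

Because the check runs on every bootstrap, a certificate rotation on the GitHub Enterprise side shows up as a failed import rather than as silent trust in a new key.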