Five Stars

Integrate Bit Bucket over HTTPS with self signed certificate

Hi all,

In my company I handle a Talend Big Data Platform Server (v6.2.1.20160704_1411). I tried to integrate Bit Bucket as version control system. Bit Bucket is installed on an our server and runs over HTTPS with a self signed certificate.

In TAC it seems that the configuration with GIT is ok, but when I try to checkout a project from the Talend client, I get the following exception:

PKIX path building failed: unable to find valid certification path to requested target

 

I also tried to add to the JVM trust-store on the Talend server the certificate from the bitbucket server, but nothing changed.

Does someone know what is wrong?

Thank you very much.

 

In the following the complete exception text:

 

org.talend.commons.exception.PersistenceException: Can not connect to project with url "https://10.139.15.12:7990/scm/tal/Talend.git".
	at org.talend.repository.remoteprovider.RemoteRepositoryFactory.delegateBeforeLogon2(RemoteRepositoryFactory.java:355)
	at org.talend.repository.remoteprovider.RemoteRepositoryFactory.delegateBeforeLogon(RemoteRepositoryFactory.java:312)
	at org.talend.repository.remoteprovider.RemoteRepositoryFactory.beforeLogon(RemoteRepositoryFactory.java:252)
	at org.talend.core.repository.model.ProxyRepositoryFactory.logOnProject(ProxyRepositoryFactory.java:1828)
	at org.talend.repository.ui.login.LoginHelper$1.run(LoginHelper.java:426)
	at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
Caused by: org.talend.commons.exception.PersistenceException: username or password are not correct, please check in TAC users configuration
	at org.talend.repository.gitprovider.core.GitProjectUrlCheck.check(GitProjectUrlCheck.java:93)
	at org.talend.repository.remoteprovider.RemoteRepositoryFactory.delegateBeforeLogon2(RemoteRepositoryFactory.java:353)
	... 5 more
Caused by: org.eclipse.jgit.api.errors.TransportException: https://10.139.15.12:7990/scm/tal/Talend.git: cannot open git-upload-pack
	at org.eclipse.jgit.api.LsRemoteCommand.call(LsRemoteCommand.java:196)
	at org.talend.repository.gitprovider.core.GitProjectUrlCheck.check(GitProjectUrlCheck.java:87)
	... 6 more
Caused by: org.eclipse.jgit.errors.TransportException: https://10.139.15.12:7990/scm/tal/Talend.git: cannot open git-upload-pack
	at org.eclipse.jgit.transport.TransportHttp.connect(TransportHttp.java:521)
	at org.eclipse.jgit.transport.TransportHttp.openFetch(TransportHttp.java:309)
	at org.eclipse.jgit.api.LsRemoteCommand.call(LsRemoteCommand.java:175)
	... 7 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
	at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
	at org.eclipse.jgit.transport.http.JDKHttpConnection.getResponseCode(JDKHttpConnection.java:98)
	at org.eclipse.jgit.util.HttpSupport.response(HttpSupport.java:168)
	at org.eclipse.jgit.transport.TransportHttp.connect(TransportHttp.java:475)
	... 9 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
	... 25 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
	... 31 more

 

1 ACCEPTED SOLUTION

Accepted Solutions
Five Stars

Re: Integrate Bit Bucket over HTTPS with self signed certificate

Thanks but I solved... Just run "git config --global http.sslVerify false" on the client machine.

3 REPLIES
Five Stars

Re: Integrate Bit Bucket over HTTPS with self signed certificate

Any ideas? Robot Sad

Moderator

Re: Integrate Bit Bucket over HTTPS with self signed certificate

Hello,

With you subscription solution, could you please create a case on talend support portal so that we can give you a remote assistance(webex session) through support cycle with priority?

Best regards

Sabrina

--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.
Five Stars

Re: Integrate Bit Bucket over HTTPS with self signed certificate

Thanks but I solved... Just run "git config --global http.sslVerify false" on the client machine.