SilverKnight Posted August 2, 2013 Report Posted August 2, 2013 Any idea how to solve this problem (short of turning off SSL connections)? I want to perform a cm crt on a file listed as binary when it should be listed as text - so I created a batch file to run it for all such files. When I actually installed and named the server, the server name is as displayed in the cert line below - Plastic01 with capital P. The GUI works fine, and all of the .config files actually have it specified with a capital. -- the command line lists the server name in lower case. WARNING: the secure connection hostname provided in the server certificate doesn't match the server's hostname. This means that the certificate was not issued to this hostname or that there is a network configuration problem with this host. - Certificate hostname: CN=Plastic01.gohealthcast.com - Server hostname: CN=plastic01.gohealthcast.com If you want to continue connecting to this host, choose 'Yes'. The certificate validation will continue (not recommended). If you want to abandon the connection, choose 'No' (recommended). Choose an option (Y)es, (N)o (hitting Enter selects 'No'): no matter what option I use, it prompts with this message for EVERY file - even when I confirm to use it anyway, I get this message The server you are connecting to has sent a certificate that is not in the store. This is normal if it is the first time that you connect to this server. Certificate details: - Issued to: CN=Plastic01.gohealthcast.com - Issued by: CN=Plastic01.gohealthcast.com - Expiration date: 3/21/2023 5:20:13 PM - Certificate hash: 7B1FA6D79BB4C567C30EE5DD23CCC24D0670EA71 If you trust this host, choose 'Yes' to add the key to Plastic SCM's key store (recommended if it is the first time you connect to this server). If you want to carry on connecting just once, without adding the key to the store, choose 'No'. If you do not trust this host, choose 'Cancel' to abandon the connection. Choose an option (Y)es, (N)o, (C)ancel (hitting Enter cancels): Hitting YES here lets the command execute, but does NOT put the cert name in the store, I expect because it shows correctly (and is probably already present under the store with the correct case in the name) - consequently, it continuously prompts for every file with no way to "mass confirm"
calbzam Posted August 5, 2013 Report Posted August 5, 2013 Hi, Can you check if the certificate is properly stored? (Start --> Search --> certmgr.msc) Can you run: "platic --configure" and check if the client is trying to connect to Plastic01 server (with capital P) Anyway, if you are trying to change the revision type from binary to text, you may find interesting this blog post: http://codicesoftware.blogspot.com/2008/03/custom-file-types.html It explains how to configure "filetypes.conf" file to determine which files should be added as "binary" or "text". Regards, Carlos
SilverKnight Posted August 5, 2013 Author Report Posted August 5, 2013 It shows up in certmgr under: Plastic Client\Certificates - Issued to Plastic01.gohealthcast.com and Issued By Plastic01.gohealthcast.com So that looks correct. plastic --configure shows Plastic01.gohealthcast.com -Port: 8088 Use encryption (SSL) checked The only reason I need to actually switch from binary to text is that I performed a conversion of a CVS project - so it marked every file as binary during the export. So, I wrote a batch file do mark all of my project code files as text - this is when I ran into the problem. -- there are about 10,000 files in the project, and it was being prompted for each one. As the post above also shows, the certificate is correct Certificate details:- Issued to: CN=Plastic01.gohealthcast.com- Issued by: CN=Plastic01.gohealthcast.com Somehow, the server name will come back with the incorrect case when using the command line - Certificate hostname: CN=Plastic01.gohealthcast.com- Server hostname: CN=plastic01.gohealthcast.com I was not able to find any configuration file with the lower-case server name, so it must pull this from the server dynamically to ensure it is connecting to a valid server by comparing the server name with the certificate - but it is case sensitive. Not sure if it was a fluke or what, but I tried repeatedly (5-6 times) and it prompted every time. I then tried to turn off SSL for the project, but was unsuccessful at switching it (there were a lot of errors as a result of re-configuring the client with an existing workspace) - however, after messing with it for a couple of hours and getting the project back to using SSL properly, the error went away. Running the batch file after this attempted switch resulted in the first 2 files being prompted for, but then the remaining files worked properly with no further prompting.
calbzam Posted August 5, 2013 Report Posted August 5, 2013 Ok, Glad to know finally you could run the script. I have the scenario mounted, so I will try to investigate the issue a bit more. Regards, Carlos
alex_co Posted January 8, 2018 Report Posted January 8, 2018 I have the same problem when I try to integrate Jenkins and plastic. How can I solve it? Thanks.
calbzam Posted January 8, 2018 Report Posted January 8, 2018 Could you give us more details? What is the error you are getting? Are you using a custom certificate? Could you run "cm lrep" from the Jenkins machine? Regards, Carlos.
alex_co Posted January 8, 2018 Report Posted January 8, 2018 Hi Carlos, At first thanks for the response. I'm following these tutorials http://blog.plasticscm.com/2015/06/plastic-scm-integration-with-jenkins-ci.html and https://plugins.jenkins.io/plasticscm-plugin to integrate Plastic and Jenkins. When I run the task the following error appears: I have installed Jenkins in my local machine using the windows installer. Regards.
calbzam Posted January 8, 2018 Report Posted January 8, 2018 Could you run the "cm lrep" command in your Jenkins machine? I t should ask you to store the certificate. After accepting the certificate, you shouldn't be requested to accept it again. Regards, Carlos.
alex_co Posted January 8, 2018 Report Posted January 8, 2018 How can I acces to command console in Jenkins? If I execute the command from the windows terminal, the option to store the certificate does not appear. Regards.
manu Posted January 9, 2018 Report Posted January 9, 2018 Hello @alex_co, 15 hours ago, alex_co said: How can I acces to command console in Jenkins? It's not a Jenkins command console, it's a regular windows command console window as I can see you have Jenkins installed on a Windows machine. So open a command line window as the user running the Jenkins service (it might be the administrator but it's worth if you check it, you can open a command console using runas -> https://technet.microsoft.com/es-es/library/cc771525(v=ws.10).aspx), once you have the console run the "cm lrep" command, it should ask you to accept the certificate. 15 hours ago, alex_co said: If I execute the command from the windows terminal, the option to store the certificate does not appear. Yep, I think it's because the regular user you are using it's having the certificate already accepted, you need to do what's explained above with the jenkins windows service user. Hope it helps!
alex_co Posted January 9, 2018 Report Posted January 9, 2018 Hi @manu, 1 hour ago, manu said: Yep, I think it's because the regular user you are using it's having the certificate already accepted, you need to do what's explained above with the jenkins windows service user. This was the problem. I've changed the user who starts the service and the error has disappeared. Thanks a lot @manu and @calbzam!!
manu Posted January 9, 2018 Report Posted January 9, 2018 That's great @alex_co! Happy to know it's working now
Recommended Posts
Archived
This topic is now archived and is closed to further replies.