search

jenkinsci / cisco-spark-notifier-plugin

Sends messages to Spark rooms from Jenkins
https://plugins.jenkins.io/cisco-spark-notifier/
MIT License
6 stars 4 forks source link

java.security.cert.CertificateException: No subject alternative DNS name matching api.ciscospark.com found #12

Open patrickm630 opened 4 years ago

patrickm630 commented 4 years ago

Hello !

Working with Cisco Spark Notifier plugin (last version), it worked as designed for a few weeks, but since late October (around October 18th), we systematically receive an error like this when trying to send messages to our Webex space :

Sending message to spark space: 2dcaa670-c7e3-11e9-b98c-c1b2d7e8e426 Could not send message because of an unknown issue; please file an issue javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching api.ciscospark.com found.

Do you have an idea of what could go wrong in our case and why it stopped working from one day to the other ?

The spark command line is like thise, the credentials have been verified :

script { sparkSend(message: "Build FAILED Build of ${PRODUCT_VERSION} failed : ${BUILD_URL}",messageType:'html', spaceList: [[spaceName: "Jenkins", spaceId: "2dcaa670-c7e3-11e9-b98c-c1b2d7e8e426"]], credentialsId:"WebexJenkins") }

Thanks !

bblackham commented 3 years ago

Seems that this error can happen when SNI is not being used for the HTTPS request. The server's default certificate is not one that matches api.ciscospark.com, so SNI must be used. On the Manage Jenkins -> System Information page, if jsse.enableSNIExtension is false, that's almost certainly the issue (and whatever is setting it).