Hello, I'm trying to connect an external docker runner (x86_64) to Bitbucket, I succeed in Linux Shell mode, but when I try to set up in docker mode the connection fails with the following exception:
[2024-04-04 13:35:31,982] Runner version: 1.565
[2024-04-04 13:35:31,988] Runner runtime: linux-docker
[2024-04-04 13:35:32,027] Copying Docker cli to working directory.
[2024-04-04 13:35:32,165] Starting websocket listening to RUNNER_UPDATED events.
[2024-04-04 13:35:32,212] Updating runner status to "ONLINE" and checking for new steps assigned to the runner after 0 seconds and then every 30 seconds.
[2024-04-04 13:35:32,322] Updating runner state to "ONLINE".
[2024-04-04 13:35:32,658] [2f15bf75, L:/172.17.0.2:46666 - R:auth.atlassian.com/185.166.141.24:443] The connection observed an error
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
... 39 common frames omitted
Wrapped by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
....
if I run the following command:
curl --verbose -LI https://api.atlassian.com
* Trying 185.166.141.17:443...
* Connected to api.atlassian.com (185.166.141.17) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
...
* Connection #1 to host developer.atlassian.com left intact
I'm using a custom connection without firewalls.
Thanks in advance!
Hello @Josep Castro and welcome to the Community!
The error at the begging of the logs indicates an issue with the validation of the certificate.
This error can occur when the runner is using a certificate issued by a certificate authority whose root and intermediate certificates are not present in your JDK.
The issue can be resolved by importing the certificate as per the following knowledge base article:
Thank you, @Josep Castro !
Patrik S
Hi Patrik, thanks in advance for the response
Should I add the public SSL certificate into the JVM of my host computer? or the container?
I'm using the official docker image
Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Josep Castro ,
The certificates should be added to the JVM of the machine where you are executing the runner. In addition, please ensure that you have OpenJDK 11 (version 11.0.15 or newer) installed.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.