Failed to get HashiCorp Vault wrapped token from TeamCity server

Avatar
Blake
Created

I updated from `2023.11.3` to `2024.03.2`. After the upgrade, the Hashivault plugin stopped working and is throwing the following error. I would rather not add `teamcity`  to the subject alternative names field in my certificate. Where is this name coming from? The server url is still set properly. Is this a setting in the build agent?

 

Failed to get HashiCorp Vault wrapped token from TeamCity server for the project connection with ID '': internal error
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <teamcity> doesn't match any of the subject alternative names: [*.company.com]
  at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
  at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
  at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
  at jetbrains.buildServer.util.http.SSLConnectionSocketFactoryWithSNI.connectSocket(SSLConnectionSocketFactoryWithSNI.java:64)
  at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
  at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
  at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
  at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
  at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
  at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
  at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
  at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
  at jetbrains.buildServer.util.HTTPRequestBuilder$ApacheClient43RequestHandler.prepareRequest(HTTPRequestBuilder.java:789)
  at jetbrains.buildServer.util.HTTPRequestBuilder$ApacheClient43RequestHandler.doRequestImpl(HTTPRequestBuilder.java:864)
  at jetbrains.buildServer.util.HTTPRequestBuilder$ApacheClient43RequestHandler.doSyncRequest(HTTPRequestBuilder.java:842)
  at jetbrains.buildServer.util.HTTPRequestBuilder$DelegatingRequestHandler.doSyncRequest(HTTPRequestBuilder.java:624)
  at org.jetbrains.teamcity.vault.agent.VaultFeatureSettingsFetcher$getVaultFeatureSettings$response$1.invoke(VaultFeatureSettingsFetcher.kt:61)
  at org.jetbrains.teamcity.vault.agent.VaultFeatureSettingsFetcher$getVaultFeatureSettings$response$1.invoke(VaultFeatureSettingsFetcher.kt:60)
  at org.jetbrains.teamcity.vault.retrier.Retrier.run(Retrier.kt:15)
  at org.jetbrains.teamcity.vault.agent.VaultFeatureSettingsFetcher.getVaultFeatureSettings(VaultFeatureSettingsFetcher.kt:60)
  at org.jetbrains.teamcity.vault.agent.VaultBuildFeature.updateBuildParameters(VaultBuildFeature.kt:54)
  at org.jetbrains.teamcity.vault.agent.VaultBuildFeature.buildStarted(VaultBuildFeature.kt:43)
  at sun.reflect.GeneratedMethodAccessor18.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:498)
  at jetbrains.buildServer.util.EventDispatcher.invokeListeners(EventDispatcher.java:157)
  at jetbrains.buildServer.util.EventDispatcher.lambda$dispatch$0(EventDispatcher.java:134)
  at jetbrains.buildServer.util.NamedThreadFactory.executeWithNewThreadName(NamedThreadFactory.java:76)
  at jetbrains.buildServer.util.EventDispatcher.dispatch(EventDispatcher.java:134)
  at jetbrains.buildServer.util.EventDispatcher$2.invoke(EventDispatcher.java:82)
  at com.sun.proxy.$Proxy24.buildStarted(Unknown Source)
  at jetbrains.buildServer.agent.impl.buildStages.startStages.FireBuildStartedStage.doBuildState(FireBuildStartedStage.java:19)
  at jetbrains.buildServer.agent.impl.buildStages.startStages.FireEventStageBase.doBuildStage(FireEventStageBase.java:28)
  at jetbrains.buildServer.agent.impl.buildStages.BuildStagesExecutor$1.callStage(BuildStagesExecutor.java:33)
  at jetbrains.buildServer.agent.impl.buildStages.BuildStagesExecutor$1.callStage(BuildStagesExecutor.java:24)
  at jetbrains.buildServer.agent.impl.buildStages.StagesExecutor.callRunStage(StagesExecutor.java:76)
  at jetbrains.buildServer.agent.impl.buildStages.StagesExecutor.doStages(StagesExecutor.java:35)
  at jetbrains.buildServer.agent.impl.buildStages.BuildStagesExecutor.doStages(BuildStagesExecutor.java:24)
  at jetbrains.buildServer.agent.impl.BuildRunActionImpl.doStages(BuildRunActionImpl.java:97)
  at jetbrains.buildServer.agent.AgentOperationModeEx.executeRunnerStages(AgentOperationModeEx.java:36)
  at jetbrains.buildServer.agent.impl.BuildRunActionImpl.runBuild(BuildRunActionImpl.java:68)
  at jetbrains.buildServer.agent.impl.BuildAgentImpl.doActualBuild(BuildAgentImpl.java:350)
  at jetbrains.buildServer.agent.impl.BuildAgentImpl.access$100(BuildAgentImpl.java:62)
  at jetbrains.buildServer.agent.impl.BuildAgentImpl$1.run(BuildAgentImpl.java:299)
  at java.lang.Thread.run(Thread.java:748)

Votes

1

Share

2 comments
Avatar
Blake
Created

This was because of a bad `serverUrl` in `buildAgent.properties`

0
Avatar
Anton Vakhtel
Created
Hi Blake,

Yes, it looks like you are right; it's probably because of serverUrl in buildAgent.properties. Did specifying the correct URL there resolve the issue?

Best regards,
Anton
0

Please sign in to leave a comment.