[jbosstools-issues] [JBoss JIRA] (JBDS-4677) Certification errors to connect to OpenShift with certificates self-signed

Roman Martin Gil (JIRA) issues at jboss.org
Sat Feb 17 05:35:00 EST 2018 

    [ https://issues.jboss.org/browse/JBDS-4677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13534740#comment-13534740 ] 

Roman Martin Gil commented on JBDS-4677:
----------------------------------------

I tested again using a local OCP cluster (oc cluster up --public-hostname=127.0.0.1) to compare with the real OCP cluster used. The results were the same I can't connect from JBDS.

However I can do it from a browser or using oc command, but the first connection I got a warning to accept the certificates used by the cluster. 

The oc command results are:
{code:java}
[rmarting at kiuran jenkins]$ oc login -u developer -p developer https://127.0.0.1:8443
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y

Login successful.

You have access to the following projects and can switch between them with 'oc project <projectname>':

  * default
    kube-public
    kube-system
    myproject
    openshift
    openshift-infra
    openshift-node

Using project "default".
Welcome! See 'oc help' to get started.

{code}

Attached a screenshot when I used the browser the first time.
 !jbds-openshift-browser.png|thumbnail! 

It seems that OpenShift Wizard connection doesn't manage successfully the warning to accept the credentials from the OCP Cluster and after that I can't create the connection definition. I don't think it is something related with my TLS support. 

Could you reproduce it?


> Certification errors to connect to OpenShift with certificates self-signed
> --------------------------------------------------------------------------
>
>                 Key: JBDS-4677
>                 URL: https://issues.jboss.org/browse/JBDS-4677
>             Project: Red Hat JBoss Developer Studio (devstudio)
>          Issue Type: Bug
>          Components: cdk, openshift
>    Affects Versions: 11.2.0.GA
>         Environment: JBDS 11.2.0.GA running on Fedora 27 with jdk1.8.0
>            Reporter: Roman Martin Gil
>            Assignee: Jeff MAURY
>         Attachments: jbds-openshift-browser.png, jbds-openshift-certificate-errors.png
>
>
> I can't get a token when I tried to create a new OpenShift connection to a external cluster with self-signed certificates.
> When I click in retrieve link to get the token I got the following messages and I can't get the token to finish the process.
> {code:java}
> An error occurred during a connection to axdesocp1console.central.inditex.grp:8443.
> Cannot communicate securely with peer: no common encryption algorithm(s).
> (Error code: ssl_error_no_cypher_overlap)
> {code}



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jbosstools-issues mailing list