question

Shafiz H. avatar image
Shafiz H. asked ·

Upgrade from 6.2 to 6.3 causing issues in accessing the RestAPI.

Hi,

For generating the Testid we are calling the RestAPI by passing parameters in Json using some poweshell scripts this was working fine with out any issues in 6.2 version.

But after upgrading to 6.3 facing issues in calling the RESTAPI this is because of some Dynatrace CA cetificate.

in 6.2 we it was not scecured where as in 6.3 its scecured.i,e calling using HTTPS.

Can you please let me know how to access it using HTTP or else let me know how to fix the problem.

restissue.png

Regards

Sravan Kumar

configurationsecuritymigrationtest automationrest
restissue.png (20.8 KiB)
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Sonja C. avatar image
Sonja C. answered ·

Hi Sravan,

there is a new default setting which is set by default "accept authentication data only with HTTPS" - which you will need to uncheck to get back to HTTP for the rest api (requiring authentication).

See screenshot:

Sonja


Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Guenter H. avatar image
Guenter H. answered ·

OK, it was documented (in bold) on Server REST Interfaces, where it applies. (Client REST is an entirely different thing.)

I added a warning though to the top of the Services - Management Tab page where the setting (Accept authentication data only via HTTPS) is described.

More so, due to this issue, I added an entirely new page Breaking Changes to the documentation (deliberately placed right under the Upgrade and Migration Guide sub-tree), where I will collect breaking changes. (different defaults,...)

I think such a page is long overdue and input is welcome.

Hope this helps

G.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Guenter H. avatar image
Guenter H. answered ·

Wiktor just made us aware of

JENKINS Skip Certificate Check plugin

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Guenter H. avatar image
Guenter H. answered ·

Hey Joe and Sravan @shafizhatta,

just talked to engineering (Mike and Wolfgang).

Wolfgang thought to remember a way to ignore the cert in the Jenkins plugin, but that´s an RFE. I´ll poke the lead engineer on the issue.

So currently you either

auth data over http (uncheck the above mentioned box) or

import the Dynatrace cert into the Jenkins keystore or

use a trusted (as opposed to a self-signed) certificate and keys which should be automatically accepted.

I will document this.

Cheers

G.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Joe H. avatar image
Joe H. answered ·

A support file has been created.

SUPDT-18161

I did check the Jenkins logs, it confirms some type of certificate issue. Jenkins logs are attached to the SUP.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Joe H. avatar image
Joe H. answered ·

Sonja,

Prior to upgrading to 6.3, my Jenkins environment was configured to use HTTPS/8021. After upgrading the REST calls quit working. Switching back to HTTP/8020 and unchecking the box resolved the problem, but the bigger question is why didn't HTTPS continue to work? I'm suspicious it has something to do with the certificates we're shipping which are not liked by most systems. Can you confirm this to be the underlying cause of HTTPS no longer working on the REST calls after upgrading to 6.3?

2 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Difficult to say without more info. Could you please open an issue for that including a support archive?!

Thanks

G.

0 Likes 0 · ·

have you checked the log files from the Jenkins plug-in?

Your theory sounds plausible. We are currently working on a new version of the Jenkins plug-in which will use our automation library to communicate with the REST API which will prevent HTTPS issues.

0 Likes 0 · ·
Guenter H. avatar image
Guenter H. answered ·

Thanks a ton, Sravan,

for making us aware of that. This is a bad gotcha that, I guess, engineering forgot to correct and I need to put a note at least in two places immediately.

Sorry for any inconveniences!

G.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.