cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Alex_Shumilov
Level 3

Problem when trying to use ScriptRunner via HTTPS

Jump to solution

FlexNet Code Insight 6.14.1, goes from HTTP to HTTPS, the detector is working.

Problem when trying to use Scriptrunner via HTTPS, after running the script a message appears:

"Current user Alex doesn't have script admin role, please contact your Palamida System Administrator."

Before switching to HTTPS, Scriptrunner worked, there were enough rights.

A new Token was created, the same error occurs with it.

The user has the following roles installed in the FNCI:

  • System Administrator
  • Policy Administrator
  • Scripting Administrator
  • Reviewer
  • Participant

What changes in rights and where need to be made to resolve the error?

 

Best regards,

Alex

Labels (1)
0 Kudos
(1) Solution

Hi tphamda,

Thank you for your responses!

The problem really was using different JAVA_HOME in FNCI and ScriptRunner.

View solution in original post

0 Kudos
(7) Replies
tphamda
Level 6 Flexeran
Level 6 Flexeran

Hi @Alex_Shumilov,

Can you go to the "$HOME/.palamida/config/scriptRunner" directory and DELETE the scriptRunner.properties file. This file caches the JWT token from before. After deletion, try running the following command and specify the new JWT token when prompted:

Linux:
./scriptRunner.sh -u <scriptuser> -c https://<host>:<port>/palamida/

Windows:
scriptRunner.bat -u <scriptuser> -c https://<host>:<port>/palamida/

If you are able to access the Groovy console, then scriptRunner should be working correctly, and a new scriptRunner.properties file should be generated.

 

0 Kudos

Hi tphamda,

I deleted the scriptRunner.properties file, executed the command 

scriptRunner.bat -u <scriptuser> -c https://<host>:<port>/palamida/

entered the Token, but the new file was not created, when I try to launch ScriptRunner the same error appears

"Current user Alex doesn't have script admin role, please contact your Palamida System Administrator."

0 Kudos
tphamda
Level 6 Flexeran
Level 6 Flexeran

@Alex_Shumilov,

My apologies, I failed to mention that you should update the following property in the scriptrunner.bat file:

set -Dpalamida.ssl=true 

 Please let me know if this resolves the issue for you.

0 Kudos

Yes, I made these changes in the ScriptRunner.bat file.


When trying to execute command

scriptRunner.bat -u <scriptuser> -c https://<host>:<port>/palamida/

error "Current user Alex doesn't have script admin role, please contact your Palamida System Administrator." occurs.


A user authentication error message appears in the log file FNCI_6.14.1\scriptRunner\log\scriptRunner.log


2024-06-04 11:38:48,464 ERROR [main] [ScriptRunner] Error occured while trying to authenticate the user.
javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target

 

Tell me what certificate and where it is necessary to upload to resolve this error. Previously, certificates were loaded for correct operation of the detector via HTTPS.

0 Kudos

Hi @Alex_Shumilov,

Are you running scriptRunner from the core server, scan server or a remote client? You will want to have the Code Insight certificate imported to the cacerts file for the JRE. If you are on the core server or scan server, this should already be imported, but it is possible scriptRunner is using a different version of Java, so make sure you are using the same Java version as Code Insight in this case.  In other words, verify that the JAVA_HOME and PATH variables are set correctly on the Core Server and each Scan Server.

0 Kudos

Hi tphamda,

Our Core Server and Scan Server are on the same server, I run ScriptRannet from the same server. I'll check the PATH and write you the result.

0 Kudos

Hi tphamda,

Thank you for your responses!

The problem really was using different JAVA_HOME in FNCI and ScriptRunner.

0 Kudos