This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Alex_Shumilov
Level 3
‎Jun 03, 2024 10:01 AM

Problem when trying to use ScriptRunner via HTTPS

Jump to solution

FlexNet Code Insight 6.14.1, goes from HTTP to HTTPS, the detector is working.

Problem when trying to use Scriptrunner via HTTPS, after running the script a message appears:

"Current user Alex doesn't have script admin role, please contact your Palamida System Administrator."

Before switching to HTTPS, Scriptrunner worked, there were enough rights.

A new Token was created, the same error occurs with it.

The user has the following roles installed in the FNCI:

  • System Administrator
  • Policy Administrator
  • Scripting Administrator
  • Reviewer
  • Participant

What changes in rights and where need to be made to resolve the error?

 

Best regards,

Alex

Labels (1)
Labels
Preview file
17 KB
Preview file
5 KB
0 Kudos
(1) Solution
Alex_Shumilov
Level 3
In response to tphamda
‎Jun 05, 2024 02:56 AM

Jump to solution

Hi tphamda,

Thank you for your responses!

The problem really was using different JAVA_HOME in FNCI and ScriptRunner.

View solution in original post

0 Kudos
(7) Replies
tphamda
Level 6 Flexeran
Level 6 Flexeran
‎Jun 03, 2024 01:02 PM

Jump to solution

Hi @Alex_Shumilov,

Can you go to the "$HOME/.palamida/config/scriptRunner" directory and DELETE the scriptRunner.properties file. This file caches the JWT token from before. After deletion, try running the following command and specify the new JWT token when prompted:

Linux:
./scriptRunner.sh -u <scriptuser> -c https://<host>:<port>/palamida/

Windows:
scriptRunner.bat -u <scriptuser> -c https://<host>:<port>/palamida/

If you are able to access the Groovy console, then scriptRunner should be working correctly, and a new scriptRunner.properties file should be generated.

 

0 Kudos
Alex_Shumilov
Level 3
In response to tphamda
‎Jun 03, 2024 01:46 PM

Jump to solution

Hi tphamda,

I deleted the scriptRunner.properties file, executed the command 

scriptRunner.bat -u <scriptuser> -c https://<host>:<port>/palamida/

entered the Token, but the new file was not created, when I try to launch ScriptRunner the same error appears

"Current user Alex doesn't have script admin role, please contact your Palamida System Administrator."

Preview file
46 KB
0 Kudos
tphamda
Level 6 Flexeran
Level 6 Flexeran
‎Jun 03, 2024 03:18 PM

Jump to solution

@Alex_Shumilov,

My apologies, I failed to mention that you should update the following property in the scriptrunner.bat file:

set -Dpalamida.ssl=true

 Please let me know if this resolves the issue for you.

0 Kudos
Alex_Shumilov
Level 3
In response to tphamda
‎Jun 04, 2024 05:28 AM

Jump to solution

Yes, I made these changes in the ScriptRunner.bat file.


When trying to execute command

scriptRunner.bat -u <scriptuser> -c https://<host>:<port>/palamida/

error "Current user Alex doesn't have script admin role, please contact your Palamida System Administrator." occurs.


A user authentication error message appears in the log file FNCI_6.14.1\scriptRunner\log\scriptRunner.log


2024-06-04 11:38:48,464 ERROR [main] [ScriptRunner] Error occured while trying to authenticate the user.
javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target

 

Tell me what certificate and where it is necessary to upload to resolve this error. Previously, certificates were loaded for correct operation of the detector via HTTPS.

0 Kudos
tphamda
Level 6 Flexeran
Level 6 Flexeran
In response to Alex_Shumilov
‎Jun 04, 2024 04:08 PM

Jump to solution

Hi @Alex_Shumilov,

Are you running scriptRunner from the core server, scan server or a remote client? You will want to have the Code Insight certificate imported to the cacerts file for the JRE. If you are on the core server or scan server, this should already be imported, but it is possible scriptRunner is using a different version of Java, so make sure you are using the same Java version as Code Insight in this case.  In other words, verify that the JAVA_HOME and PATH variables are set correctly on the Core Server and each Scan Server.

0 Kudos
Alex_Shumilov
Level 3
In response to tphamda
‎Jun 04, 2024 05:05 PM

Jump to solution

Hi tphamda,

Our Core Server and Scan Server are on the same server, I run ScriptRannet from the same server. I'll check the PATH and write you the result.

0 Kudos
Alex_Shumilov
Level 3
In response to tphamda
‎Jun 05, 2024 02:56 AM

Jump to solution

Hi tphamda,

Thank you for your responses!

The problem really was using different JAVA_HOME in FNCI and ScriptRunner.

0 Kudos