Bamboo Git SSH connections failing with PEMException
Problem
Git SSH connections via Bamboo are failing with a PEMException when using the third-party app Kantega SSO, SAML and Kerberos for Bamboo is installed and a new signing key has been added.
The following appears in the atlassian-bamboo.log
Caused by: org.bouncycastle.openssl.PEMException: unable to convert key pair: no such algorithm: RSA for provider BC
at org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter.getKeyPair(Unknown Source)
at com.atlassian.bamboo.crypto.BouncyCastleProviderUtils.toJavaKeyPair(BouncyCastleProviderUtils.java:57)
at com.atlassian.bamboo.crypto.BouncyCastleProviderUtils.toJavaKeyPair(BouncyCastleProviderUtils.java:72)
at com.atlassian.bamboo.plugins.ssh.ProxyConnectionDataBuilderImpl.withKeyFromReader(ProxyConnectionDataBuilderImpl.java:90)
at com.atlassian.bamboo.plugins.ssh.ProxyConnectionDataBuilderImpl.withKeyFromString(ProxyConnectionDataBuilderImpl.java:69)
at com.atlassian.bamboo.plugins.ssh.ProxyConnectionDataBuilderImpl.withKeyFromString(ProxyConnectionDataBuilderImpl.java:30)
at com.atlassian.bamboo.plugins.git.NativeGitOperationHelper.beforeRepositoryAccess(NativeGitOperationHelper.java:211)
... 72 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: RSA for provider BC
at sun.security.jca.GetInstance.getService(GetInstance.java:87)
at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
at java.security.KeyFactory.getInstance(KeyFactory.java:211)
at org.bouncycastle.jcajce.util.NamedJcaJceHelper.createKeyFactory(Unknown Source)
at org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter.getKeyFactory(Unknown Source)
... 79 moreCaused by: org.bouncycastle.openssl.PEMException: unable to convert key pair: no such provider: BC
at org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter.getKeyPair(Unknown Source)
at com.atlassian.bamboo.crypto.BouncyCastleProviderUtils.toJavaKeyPair(BouncyCastleProviderUtils.java:57)
at com.atlassian.bamboo.crypto.BouncyCastleProviderUtils.toJavaKeyPair(BouncyCastleProviderUtils.java:72)
at com.atlassian.bamboo.plugins.ssh.ProxyConnectionDataBuilderImpl.withKeyFromReader(ProxyConnectionDataBuilderImpl.java:86)
at com.atlassian.bamboo.plugins.ssh.ProxyConnectionDataBuilderImpl.withKeyFromString(ProxyConnectionDataBuilderImpl.java:65)
at com.atlassian.bamboo.plugins.ssh.ProxyConnectionDataBuilderImpl.withKeyFromString(ProxyConnectionDataBuilderImpl.java:27)
at com.atlassian.bamboo.plugins.git.NativeGitOperationHelper.beforeRepositoryAccess(NativeGitOperationHelper.java:231)
... 67 more
Caused by: java.security.NoSuchProviderException: no such provider: BC
at sun.security.jca.GetInstance.getService(GetInstance.java:83)
at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
at java.security.KeyFactory.getInstance(KeyFactory.java:211)
at org.bouncycastle.jcajce.util.NamedJcaJceHelper.createKeyFactory(Unknown Source)
at org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter.getKeyFactory(Unknown Source)
... 74 moreThis may also result in the error "New access key is required but could not be added to Bitbucket Server" errors when attempting to add a Bitbucket repository, however this a very generic symptom which is more commonly caused by factors addressed on the below knowledge-base article:
Diagnosis
Environment
At time of writing this has been confirmed on:
- Bamboo 6.8.0 and Kantega SSO, SAML and Kerberos version 3.5.4
Workaround
Restart Bamboo. Bamboo will need to be restarted each time a new signing key is added via the Kantega SSO app until a fix is provided by the app vendor.
Last modified on Apr 10, 2019
Powered by Confluence and Scroll Viewport.