My Jenkins server was switched to now using HTTPS. However, now when trying to run jenkins-cli.jar, I get the following error:

Exception in thread "main" java.io.IOException: Failed to connect to https://ncs-jenkins.cisco.com/
    at hudson.cli.CLI.getCliTcpPort(CLI.java:266)
    at hudson.cli.CLI.<init>(CLI.java:126)
    at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72)
    at hudson.cli.CLI._main(CLI.java:466)
    at hudson.cli.CLI.main(CLI.java:382)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:902)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1208)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1235)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1219)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:440)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
    at hudson.cli.CLI.getCliTcpPort(CLI.java:264)
    ... 4 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
    at sun.security.ssl.InputRecord.read(InputRecord.java:482)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:883)
    ... 11 more

Is there any way to use Jenkins CLI over HTTPS?

This happens, for example when I try to run even just the help command:

java -jar jenkins-cli.jar -noCertificateCheck -s https://ncs-jenkins.cisco.com:8443/ -i /home/auto/.ssh/id_rsa help

I encountered the same problem on one of my jenkins slaves. Since the slaves were supposed to be identical, I started investigating the slightest differences between the machines. As it turns out, the java version was slightly different:

java-1.7.0-openjdk-1.7.0.75.x86_64 - On the working machine

java-1.7.0-openjdk-1.7.0.85.x86_64 - On the failing one.

I reverted back to the earlier openjdk version and the problem was fixed. Since you asked the question only a few days ago, I suspect we've encountered the same problem.

To check your version:

java -showversion -verbose 2>&1 | head -1

To install the previous openjdk version (on centos):

yum install java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.0.el6_6.x86_64

If you are using a valid SSL cert. Checkout the jenkins-cli commands returning connect timed out

PS: This is not a solution but may be a workaround until a solution is found.

This works for me:

java -jar jenkins-cli.jar -noCertificateCheck -auth @jenkins_creds.txt -s https://jenkins.example.com help

(If I omit -auth then I get an expected error about the need to authenticate to the Jenkins instance, but that doesn't seem relevant to you error.)

java-version java version "1.8.0_144" Java(TM) SE Runtime Environment (build 1.8.0_144-b01) Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)

Jenkins version: 2.138.3

I am wondering whether you have some other piece of equipment between your cli and your Jenkins server that cuts the connection if HTTPS cert verification fails.