How to add Jenkins SSL self-signed certificate for LDAPS in Dockerfile?

I want to enable LDAPS under security in Jenkins, but my LDAP server has a self-signed CERT. Has anyone done this or has some pointers to this? Should I use keytool?

In my Dockerfile, I am trying to do the following, but this will not work:

    FROM jenkins
    USER root

    # Install CA certs
    COPY ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
    RUN chmod +r /etc/ssl/certs/ca-certificates.crt

    # Install the Jenkins plugin
    COPY plugins.txt /usr/share/jenkins/plugins.txt
    RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins.txt

    # Expose container port 33848 for Jenkins UDP-based auto-discovery
    EXPOSE 33848/udp

    ENV JAVA_OPTS -Xmx2048m
+5
3 answers

Turns out I just need to add this to the Dockerfile, where ldap.cer is the certificate chain for my self-signed certificate.

    COPY ldap.cer $JAVA_HOME/jre/lib/security
    RUN \
        cd $JAVA_HOME/jre/lib/security \
        && keytool -keystore cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias ldapcert -file ldap.cer
+7
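
A trusted-certificate entry in a Java keystore holds a single certificate, so when ldap.cer contains several PEM certificates, each one needs its own alias. The script below is an added example, not part of the original answer: it splits a PEM bundle into one file per certificate and imports each with keytool. The function names and the ldapcert-N alias scheme are assumptions.

```shell
#!/bin/sh
# Added example: import every certificate of a PEM bundle into a Java trust store.
# Function names and the ldapcert-N alias scheme are assumptions for illustration.

# split_pem_chain BUNDLE OUTDIR
# Writes OUTDIR/cert-1.pem, cert-2.pem, ... and prints how many were found.
# Text outside the BEGIN/END markers (e.g. "subject=" lines) is skipped.
split_pem_chain() {
    bundle=$1 outdir=$2
    mkdir -p "$outdir" || return 1
    awk -v dir="$outdir" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = dir "/cert-" n ".pem"; inside = 1 }
        inside { print > out }
        /-----END CERTIFICATE-----/ { if (inside) close(out); inside = 0 }
        END { if (inside) exit 1; print n + 0 }   # exit 1: last block never closed
    ' "$bundle"
}

# import_chain BUNDLE KEYSTORE [STOREPASS]
# Imports each certificate under its own alias and prints the number imported.
import_chain() {
    bundle=$1 keystore=$2 storepass=${3:-changeit}
    tmp=$(mktemp -d) || return 1
    count=$(split_pem_chain "$bundle" "$tmp") || { rm -rf "$tmp"; return 1; }
    if [ "$count" -eq 0 ]; then
        # A DER-encoded .cer has no PEM markers; this splitter only handles PEM.
        echo "no PEM certificates found in $bundle" >&2
        rm -rf "$tmp"; return 1
    fi
    i=1
    while [ "$i" -le "$count" ]; do
        keytool -importcert -noprompt -trustcacerts -keystore "$keystore" \
            -storepass "$storepass" -alias "ldapcert-$i" \
            -file "$tmp/cert-$i.pem" >&2 || { rm -rf "$tmp"; return 1; }
        i=$((i + 1))
    done
    rm -rf "$tmp"
    echo "$count"
}
```

In a Dockerfile, the script would be copied into the image, sourced in a RUN step, and called as `import_chain ldap.cer "$JAVA_HOME/jre/lib/security/cacerts"` in place of the single keytool call.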

Run keytool to import the CA certificate into the java key store.

See:

tell java to accept self-signed ssl certificate

0

On our build server with Jenkins, Nexus and SonarQube, we use the extracted and prepared cacerts on the host using the initial parameter for docker run.

See my answer fooobar.com/questions/1242673 / ...

0

Source: https://habr.com/ru/post/1242669/

