Firstly, my impact and experience with certificates are limited, so I try to use this as a learning experience, as well as get an answer.
Using Jenkins, I would like to be able to make a curl request as part of my assembly, which uses a certificate (.p12) for authentication.
Example
curl --cert /Users/Jenkins/.jenkins/workspace/develop-pipeline/../certificates/dev_cert.p12:password https://jira.dev.organisation.co.uk:443/rest/api/2/issue/MYSTATS-1234
So, I have a desktop certificate (private key) that I saved on the machine where Jenkins works, but I also understand that I need a CA certificate to authorize this private key (I hope this is still the case).
When I ran the curl command from the terminal on a Jenkins machine, I got a pop-up window that asked me that I want to use the certificate in the keychain for authorization, and I always clicked so that command-line curl requests always work.
However, when I run this as part of the Jenkins build, I get
(58) SSL: Can't load the certificate "/Users/Jenkins/.jenkins/workspace/develop-pipeline/../certificates/dev_cert.p12" and its private key: OSStatus -25308
The path to the certificate is correct because the directory structure
develop-pipeline
certificates
dev_cert.p12
I do not understand that if I did not provide a password
curl --cert /Users/Jenkins/.jenkins/workspace/develop-pipeline/../certificates/dev_cert.p12 https://jira.dev.organisation.co.uk:443/rest/api/2/issue/MYSTATS-1234
I get a message:
SSL The certificate "/Users/Jenkins/.jenkins/workspace/develop-pipeline/dev_cert.p12" requires a password
So, he found a certificate?
Also, providing incorrect passwords gives
SSL: Incorrect password for the certificate "/Users/Jenkins/.jenkins/workspace/develop-pipeline/dev_cert.p12" and its private key.
What do I need to do to make this work?