I want to enable LDAPS under security in Jenkins but my LDAP server has a self-signed CERT. Has anyone done this or have some pointers on doing this? Do I have to use keytool?
In my Dockerfile I'm trying the following but this won't work:
```dockerfile
FROM jenkins
USER root

# Install CA certs
COPY ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
RUN chmod +r /etc/ssl/certs/ca-certificates.crt

# Install the Jenkins plugin
COPY plugins.txt /usr/share/jenkins/plugins.txt
RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins.txt

# Expose container port 33848 for Jenkins UDP-based auto-discovery
EXPOSE 33848/udp

ENV JAVA_OPTS -Xmx2048m
```
It turns out I just need to add this in the Dockerfile where ldap.cer is the cert chain for my self-signed cert.
```dockerfile
COPY ldap.cer $JAVA_HOME/jre/lib/security
RUN \
    cd $JAVA_HOME/jre/lib/security \
    && keytool -keystore cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias ldapcert -file ldap.cer
```
Run keytool to import the CA cert into your java keystore.
See:
telling java to accept self-signed ssl certificate
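An added example, not part of the original posts: the accepted fix describes ldap.cer as a cert chain, and a trusted-certificate entry in a Java keystore holds one certificate per alias, so this script splits a PEM bundle and imports each certificate under its own alias, then checks that every alias landed in the truststore. It assumes ldap.cer is PEM-encoded; the function names and the `ldapcert-N` aliases are illustrative.

```shell
#!/bin/sh
# Added example, not from the original posts. Assumption: ldap.cer is a PEM
# bundle that may hold several certificates (for example CA plus server cert).

# Split a PEM bundle into <outdir>/cert-1.pem, cert-2.pem, ... and print the
# number of certificates found. Text outside BEGIN/END markers is dropped.
split_pem_chain() {
    bundle=$1
    outdir=$2
    mkdir -p "$outdir" || return 1
    awk -v dir="$outdir" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = dir "/cert-" n ".pem"; inside = 1 }
        inside { print > out }
        /-----END CERTIFICATE-----/ { inside = 0; close(out) }
        END { print n + 0 }
    ' "$bundle"
}

# Import every certificate from the bundle under its own alias (ldapcert-N is a
# hypothetical naming scheme), then confirm each alias is in the truststore so
# a failed import fails the image build. Defaults mirror the answer's command.
import_chain() {
    bundle=$1
    keystore=${2:-$JAVA_HOME/jre/lib/security/cacerts}
    storepass=${3:-changeit}
    tmp=$(mktemp -d) || return 1
    count=$(split_pem_chain "$bundle" "$tmp")
    if [ "${count:-0}" -eq 0 ]; then
        echo "no PEM certificates found in $bundle" >&2
        rm -rf "$tmp"
        return 1
    fi
    i=1
    while [ "$i" -le "$count" ]; do
        keytool -keystore "$keystore" -storepass "$storepass" -noprompt \
            -trustcacerts -importcert -alias "ldapcert-$i" \
            -file "$tmp/cert-$i.pem" &&
        keytool -list -keystore "$keystore" -storepass "$storepass" \
            -alias "ldapcert-$i" >/dev/null || { rm -rf "$tmp"; return 1; }
        i=$((i + 1))
    done
    rm -rf "$tmp"
}

# Run only when called with arguments, e.g.: sh import-chain.sh ldap.cer
if [ "$#" -gt 0 ]; then
    import_chain "$@"
fi
```

In a Dockerfile this would be copied in next to ldap.cer and invoked from a `RUN` step in place of the single `keytool` call.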