Unable to get HTTPS working

[Willem D'Haese]

Hello,

I'm relaticely new with Jenkins. Just did a clean install on a CentOS 7 server which worked fine.. I have a pfx generated by our privtae pki and would like to configure SSL for the Jenkins webpage with this certificate.

So I edited the jenkins configuration file to:

JENKINS_HOME="/var/lib/jenkins"

JENKINS_JAVA_CMD=""

JENKINS_USER="jenkins"

JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true"

JENKINS_PORT="-1"

JENKINS_LISTEN_ADDRESS=""

JENKINS_HTTPS_PORT="1443"

JENKINS_HTTPS_KEYSTORE="$JENKINS_HOME/.ssl/jenk01.domain.jks"

JENKINS_HTTPS_KEYSTORE_PASSWORD="password"

JENKINS_HTTPS_LISTEN_ADDRESS=""

JENKINS_AJP_PORT="8009"

JENKINS_AJP_LISTEN_ADDRESS=""

JENKINS_DEBUG_LEVEL="5"

JENKINS_ENABLE_ACCESS_LOG="no"

JENKINS_HANDLER_MAX="100"

JENKINS_HANDLER_IDLE="20"

JENKINS_ARGS=""

Configured the firewall to allow 443 and 1443 (as test)

firewall-cmd --list-all

public (default)

  interfaces:

  sources:

  services: dhcpv6-client http https ssh

  ports: 443/tcp 8080/tcp 1443/tcp

  masquerade: no

  forward-ports:

  icmp-blocks:

  rich rules:

Converted my pfx with this command:

keytool -importkeystore -srckeystore /var/lib/jenkins/.ssl/jenk01.domain.pfx -srcstoretype pkcs12 -destkeystore /var/lib/jenkins/.ssl/jenk01.domain.jks -deststoretype JKS

Enter destination keystore password:

Re-enter new password:

Enter source keystore password:

Entry for alias certreq-_tred-sha256-webserver-15f1af71-ee2d-4041-bb80-904310245102 successfully imported.

Import command completed:  1 entries successfully imported, 0 entries failed or cancelled

Restarted the jenkins service with 

systemctl restart jenkins.service

But when I try to access the Jenkins web application over https, I get an error connection refused error. is there anyone here who could get me on my way to troubleshooting this? I have tailed the Jenkins log, but can't find any useful info there..

tail -f /var/log/jenkins/jenkins.log

Jun 24, 2016 12:34:42 PM jenkins.InitReactorRunner$1 onAttained

INFO: Started all plugins

Jun 24, 2016 12:34:42 PM jenkins.InitReactorRunner$1 onAttained

INFO: Augmented all extensions

Jun 24, 2016 12:34:42 PM jenkins.InitReactorRunner$1 onAttained

INFO: Loaded all jobs

Jun 24, 2016 12:34:42 PM jenkins.InitReactorRunner$1 onAttained

INFO: Completed initialization

Jun 24, 2016 12:34:42 PM hudson.WebAppMain$3 run

INFO: Jenkins is fully up and running

I have tried the above on port 443 and port 1443.

Any help is welcome and appreciated!

Willem 

[Willem D'Haese]

Fyi, the above does work for port 1443. Not for 443.