The SSL cert and keys:
[root@l5109p ssl]# ls -lrt /etc/security/ssl/
-rw-r-----. 1 jenkins jenkins 2894 Nov 27 09:17 jenkins_wildcard.sss.se.com.cert.pem
-rw-r-----. 1 jenkins jenkins 1766 Nov 27 09:18 jenkins_wildcard.sss.se.com.key.pem
In the /etc/sysconfig/jenkins, I have added the following entry:
JENKINS_ARGS="--httpsPort=8443 --httpsCertificate=/etc/security/ssl/jenkins_wildcard.sss.se.com.cert.pem --httpsPrivateKey=/etc/security/ssl/jenkins_wildcard.sss.se.com.key.pem"
On starting the jenkins service, it fails with the following error:
Running from: /usr/lib/jenkins/jenkins.war
Nov 27, 2017 9:42:17 AM Main deleteWinstoneTempContents
WARNING: Failed to delete the temporary Winstone file /tmp/winstone/jenkins.war
Nov 27, 2017 9:42:17 AM org.eclipse.jetty.util.log.Log initialized
INFO: Logging initialized @393ms to org.eclipse.jetty.util.log.JavaUtilLog
Nov 27, 2017 9:42:17 AM winstone.Logger logInternal
INFO: Beginning extraction from war file
Nov 27, 2017 9:42:17 AM org.eclipse.jetty.server.handler.ContextHandler setContextPath
WARNING: Empty contextPath
Nov 27, 2017 9:42:17 AM winstone.Logger logInternal
INFO: Winstone shutdown successfully
java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory
at winstone.Launcher.spawnListener(Launcher.java:209)
at winstone.Launcher.<init>(Launcher.java:150)
at winstone.Launcher.main(Launcher.java:354)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at Main._main(Main.java:294)
at Main.main(Main.java:132)
Caused by: java.lang.IllegalArgumentException: Not B64 encoded
at org.eclipse.jetty.util.B64Code.decode(B64Code.java:428)
at org.eclipse.jetty.util.B64Code.decode(B64Code.java:391)
at winstone.AbstractSecuredConnectorFactory.readPEMRSAPrivateKey(AbstractSecuredConnectorFactory.java:131)
at winstone.AbstractSecuredConnectorFactory.configureSsl(AbstractSecuredConnectorFactory.java:75)
at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:41)
at winstone.Launcher.spawnListener(Launcher.java:207)
... 8 more
Nov 27, 2017 9:42:17 AM winstone.Logger logInternal
SEVERE: Container startup failed
java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory
at winstone.Launcher.spawnListener(Launcher.java:209)
at winstone.Launcher.<init>(Launcher.java:150)
at winstone.Launcher.main(Launcher.java:354)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at Main._main(Main.java:294)
at Main.main(Main.java:132)
Caused by: java.lang.IllegalArgumentException: Not B64 encoded
at org.eclipse.jetty.util.B64Code.decode(B64Code.java:428)
at org.eclipse.jetty.util.B64Code.decode(B64Code.java:391)
at winstone.AbstractSecuredConnectorFactory.readPEMRSAPrivateKey(AbstractSecuredConnectorFactory.java:131)
at winstone.AbstractSecuredConnectorFactory.configureSsl(AbstractSecuredConnectorFactory.java:75)
at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:41)
at winstone.Launcher.spawnListener(Launcher.java:207)
... 8 more
Whats if you use NGINX as a reverse proxy …. That’s what I am doing (SSL) and it is working fine.
--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/d8802da2-4232-4e74-aad4-c04ef70f01ee%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Not Mandatory, but easier. You might need to create a jks file. Like I have done for JIRA or Teamcity (any java base web)
https://serverfault.com/questions/278555/how-to-use-jenkins-with-ssl-https
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/65e6dd77-24b5-493d-8cff-621b0e7cd9e4%40googlegroups.com.