Using signed SSL certificates to start Jenkins

[Mike Bayliss]

I've no problems starting Jenkins with a self signed certificate, but now I'm trying to use one signed by my employer.

I generated a certifcate request with openssl (files host.csr and host.pem) and  the signing process has returned me a certificate (host.crt) and a signing chain (host.p7b). I can start Jenkins using host.crt and host.pem, either directly or by putting them in a keystore, but in each case with an untrusted connection error (sec_error_unknown_issuer).

How do I use the host.p7b file to get rid of this error? The various answers on stack overflow are just getting me more confused.

Thanks,

Mike

[Mike Bayliss]

To follow up myself, actually I only have the problem in Firefox. Using IE or chrome I don't get a warning (although the self signed certificate gave me warnings). So should I be trying to fix this in my keystore or is just my Firefox is missing a certificate from my company?

Mike

[Maciej Jaros]

Mike Bayliss (2015-04-03 15:09):

To follow up myself, actually I only have the problem in Firefox. Using IE or chrome I don't get a warning (although the self signed certificate gave me warnings). So should I be trying to fix this in my keystore or is just my Firefox is missing a certificate from my company?

This is not a Jenkins issue... but IE and Chrome use certificate authorities installed in your system. Firefox uses internal registry for extra certificates. You need to install CA certificate from your company by simply opening it in Firefox and enabling required options in a dialog that will popup.

Regards,
Nux.