I can try that but is it mandatory to go that way? Can't Jenkins SSL work with the settings that I am using?
On Monday, November 27, 2017 at 11:28:09 AM UTC+1, Joaquin Henriquez wrote: > > Whats if you use NGINX as a reverse proxy …. That’s what I am doing (SSL) > and it is working fine. > > > > *From:* jenkins...@googlegroups.com <javascript:> [mailto: > jenkins...@googlegroups.com <javascript:>] *On Behalf Of *Kaliyug > Antagonist > *Sent:* 27 November 2017 09:50 > *To:* Jenkins Users > *Subject:* EXTERNAL: Jenkins start-up fails after pointing to ssl cert > and key > > > > - Jenkins 2.73.3 > - Java(TM) SE Runtime Environment (build 1.8.0_151-b12) Java > HotSpot(TM) 64-Bit Server VM (build 25.151-b12, mixed mode) > - Red Hat Enterprise Linux Server release 7.4 (Maipo) > > The SSL cert and keys: > > [root@l5109p ssl]# ls -lrt /etc/security/ssl/ > > -rw-r-----. 1 jenkins jenkins 2894 Nov 27 09:17 > jenkins_wildcard.sss.se.com.cert.pem > > -rw-r-----. 1 jenkins jenkins 1766 Nov 27 09:18 > jenkins_wildcard.sss.se.com.key.pem > > In the /etc/sysconfig/jenkins, I have added the following entry: > > JENKINS_ARGS="--httpsPort=8443 > --httpsCertificate=/etc/security/ssl/jenkins_wildcard.sss.se.com.cert.pem > --httpsPrivateKey=/etc/security/ssl/jenkins_wildcard.sss.se.com.key.pem" > > On starting the jenkins service, it fails with the following error: > > Running from: /usr/lib/jenkins/jenkins.war > > Nov 27, 2017 9:42:17 AM Main deleteWinstoneTempContents > > WARNING: Failed to delete the temporary Winstone file > /tmp/winstone/jenkins.war > > Nov 27, 2017 9:42:17 AM org.eclipse.jetty.util.log.Log initialized > > INFO: Logging initialized @393ms to org.eclipse.jetty.util.log.JavaUtilLog > > Nov 27, 2017 9:42:17 AM winstone.Logger logInternal > > INFO: Beginning extraction from war file > > Nov 27, 2017 9:42:17 AM org.eclipse.jetty.server.handler.ContextHandler > setContextPath > > WARNING: Empty contextPath > > Nov 27, 2017 9:42:17 AM winstone.Logger logInternal > > INFO: Winstone shutdown successfully > > java.io.IOException: Failed to start a listener: > winstone.HttpsConnectorFactory > > at winstone.Launcher.spawnListener(Launcher.java:209) > > at winstone.Launcher.<init>(Launcher.java:150) > > at winstone.Launcher.main(Launcher.java:354) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:498) > > at Main._main(Main.java:294) > > at Main.main(Main.java:132) > > Caused by: java.lang.IllegalArgumentException: Not B64 encoded > > at org.eclipse.jetty.util.B64Code.decode(B64Code.java:428) > > at org.eclipse.jetty.util.B64Code.decode(B64Code.java:391) > > at > winstone.AbstractSecuredConnectorFactory.readPEMRSAPrivateKey(AbstractSecuredConnectorFactory.java:131) > > at > winstone.AbstractSecuredConnectorFactory.configureSsl(AbstractSecuredConnectorFactory.java:75) > > at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:41) > > at winstone.Launcher.spawnListener(Launcher.java:207) > > ... 8 more > > Nov 27, 2017 9:42:17 AM winstone.Logger logInternal > > SEVERE: Container startup failed > > java.io.IOException: Failed to start a listener: > winstone.HttpsConnectorFactory > > at winstone.Launcher.spawnListener(Launcher.java:209) > > at winstone.Launcher.<init>(Launcher.java:150) > > at winstone.Launcher.main(Launcher.java:354) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:498) > > at Main._main(Main.java:294) > > at Main.main(Main.java:132) > > Caused by: java.lang.IllegalArgumentException: Not B64 encoded > > at org.eclipse.jetty.util.B64Code.decode(B64Code.java:428) > > at org.eclipse.jetty.util.B64Code.decode(B64Code.java:391) > > at > winstone.AbstractSecuredConnectorFactory.readPEMRSAPrivateKey(AbstractSecuredConnectorFactory.java:131) > > at > winstone.AbstractSecuredConnectorFactory.configureSsl(AbstractSecuredConnectorFactory.java:75) > > at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:41) > > at winstone.Launcher.spawnListener(Launcher.java:207) > > ... 8 more > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to jenkinsci-use...@googlegroups.com <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/d8802da2-4232-4e74-aad4-c04ef70f01ee%40googlegroups.com > > <https://groups.google.com/d/msgid/jenkinsci-users/d8802da2-4232-4e74-aad4-c04ef70f01ee%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/65e6dd77-24b5-493d-8cff-621b0e7cd9e4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.