Not Mandatory, but easier. You might need to create a jks file. Like I have done for JIRA or Teamcity (any java base web) https://serverfault.com/questions/278555/how-to-use-jenkins-with-ssl-https
From: [email protected] [mailto:[email protected]] On Behalf Of Kaliyug Antagonist Sent: 27 November 2017 10:38 To: Jenkins Users Subject: EXTERNAL: Re: EXTERNAL: Jenkins start-up fails after pointing to ssl cert and key I can try that but is it mandatory to go that way? Can't Jenkins SSL work with the settings that I am using? On Monday, November 27, 2017 at 11:28:09 AM UTC+1, Joaquin Henriquez wrote: Whats if you use NGINX as a reverse proxy …. That’s what I am doing (SSL) and it is working fine. From: [email protected]<javascript:> [mailto:[email protected]<javascript:>] On Behalf Of Kaliyug Antagonist Sent: 27 November 2017 09:50 To: Jenkins Users Subject: EXTERNAL: Jenkins start-up fails after pointing to ssl cert and key * Jenkins 2.73.3 * Java(TM) SE Runtime Environment (build 1.8.0_151-b12) Java HotSpot(TM) 64-Bit Server VM (build 25.151-b12, mixed mode) * Red Hat Enterprise Linux Server release 7.4 (Maipo) The SSL cert and keys: [root@l5109p ssl]# ls -lrt /etc/security/ssl/ -rw-r-----. 1 jenkins jenkins 2894 Nov 27 09:17 jenkins_wildcard.sss.se.com.cert.pem -rw-r-----. 1 jenkins jenkins 1766 Nov 27 09:18 jenkins_wildcard.sss.se.com.key.pem In the /etc/sysconfig/jenkins, I have added the following entry: JENKINS_ARGS="--httpsPort=8443 --httpsCertificate=/etc/security/ssl/jenkins_wildcard.sss.se.com.cert.pem --httpsPrivateKey=/etc/security/ssl/jenkins_wildcard.sss.se.com.key.pem" On starting the jenkins service, it fails with the following error: Running from: /usr/lib/jenkins/jenkins.war Nov 27, 2017 9:42:17 AM Main deleteWinstoneTempContents WARNING: Failed to delete the temporary Winstone file /tmp/winstone/jenkins.war Nov 27, 2017 9:42:17 AM org.eclipse.jetty.util.log.Log initialized INFO: Logging initialized @393ms to org.eclipse.jetty.util.log.JavaUtilLog Nov 27, 2017 9:42:17 AM winstone.Logger logInternal INFO: Beginning extraction from war file Nov 27, 2017 9:42:17 AM org.eclipse.jetty.server.handler.ContextHandler setContextPath WARNING: Empty contextPath Nov 27, 2017 9:42:17 AM winstone.Logger logInternal INFO: Winstone shutdown successfully java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory at winstone.Launcher.spawnListener(Launcher.java:209) at winstone.Launcher.<init>(Launcher.java:150) at winstone.Launcher.main(Launcher.java:354) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at Main._main(Main.java:294) at Main.main(Main.java:132) Caused by: java.lang.IllegalArgumentException: Not B64 encoded at org.eclipse.jetty.util.B64Code.decode(B64Code.java:428) at org.eclipse.jetty.util.B64Code.decode(B64Code.java:391) at winstone.AbstractSecuredConnectorFactory.readPEMRSAPrivateKey(AbstractSecuredConnectorFactory.java:131) at winstone.AbstractSecuredConnectorFactory.configureSsl(AbstractSecuredConnectorFactory.java:75) at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:41) at winstone.Launcher.spawnListener(Launcher.java:207) ... 8 more Nov 27, 2017 9:42:17 AM winstone.Logger logInternal SEVERE: Container startup failed java.io.IOException: Failed to start a listener: winstone.HttpsConnectorFactory at winstone.Launcher.spawnListener(Launcher.java:209) at winstone.Launcher.<init>(Launcher.java:150) at winstone.Launcher.main(Launcher.java:354) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at Main._main(Main.java:294) at Main.main(Main.java:132) Caused by: java.lang.IllegalArgumentException: Not B64 encoded at org.eclipse.jetty.util.B64Code.decode(B64Code.java:428) at org.eclipse.jetty.util.B64Code.decode(B64Code.java:391) at winstone.AbstractSecuredConnectorFactory.readPEMRSAPrivateKey(AbstractSecuredConnectorFactory.java:131) at winstone.AbstractSecuredConnectorFactory.configureSsl(AbstractSecuredConnectorFactory.java:75) at winstone.HttpsConnectorFactory.start(HttpsConnectorFactory.java:41) at winstone.Launcher.spawnListener(Launcher.java:207) ... 8 more -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<javascript:>. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/d8802da2-4232-4e74-aad4-c04ef70f01ee%40googlegroups.com<https://groups.google.com/d/msgid/jenkinsci-users/d8802da2-4232-4e74-aad4-c04ef70f01ee%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/65e6dd77-24b5-493d-8cff-621b0e7cd9e4%40googlegroups.com<https://groups.google.com/d/msgid/jenkinsci-users/65e6dd77-24b5-493d-8cff-621b0e7cd9e4%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/62c92b3d0305401dbba949ebd6afee4d%40BSKEXCH2013HYPV.mwrinfosecurity.com. For more options, visit https://groups.google.com/d/optout.
