Hi, On 16.10.19 17:03, Veera Mani wrote:
> How to setup the jenkins URL to https? > I am looking to use the jenkins tool in internal network , but still > would like to have it secure ? It can be done, but it is a major hassle to set up: - the certificate needs to be generated and signed externally, then converted to a Java keystore and passed into Jenkins from the command line - ports below 1024 are privileged and not accessible unless running with system privileges, which would expose a wide attack surface. Both of these can be worked around and automated to some extent, but it is usually easier to run Jenkins unencrypted on an unprivileged port, listening to connections on 127.0.0.1 only so it is not reachable from other hosts (for extra security, add a firewall rule for 127/8), and then configure nginx as a proxy, which allows you to use existing infrastructure for SSL-in-nginx deployments. Jenkins is prepared for this mode of operation, with a "base URL" setting in the global configuration. Simon -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/a0bf0231-cc04-a42c-5ed1-4979168f09b3%40hogyros.de.
signature.asc
Description: OpenPGP digital signature
