Hello Alex do you get any success in jenkins integration with stunnel? On Tuesday, February 12, 2019 at 9:45:27 PM UTC+5:30, Alex Domoradov wrote: > > Any advise? > > On Monday, February 11, 2019 at 1:37:45 PM UTC+2, Alex Domoradov wrote: >> >> Hello, >> >> Does anyone has successes in such kind of integration? Because Google >> LDAP service requires certificate authentication I can't point Jenkins >> directly to the ldaps://ldap.google.com. I have tried to use stunnel but >> without success. >> >> Jenkins: 2.150.2 >> LDAP plugin: 1.20 >> >> Jenkins settings >> >> https://i.imgur.com/rShdcmR.png >> >> https://i.imgur.com/RC0crE9.png >> >> 172.17.0.1 is the address of stunnel. I use the following config with >> stunnel >> >> # cat /etc/stunnel/ldap.conf >> [ldap] >> client = yes >> accept = 127.0.0.1:389 >> connect = ldap.google.com:636 >> cert = /etc/stunnel/gldap.crt >> key = /etc/stunnel/gldap.key >> >> >> Also I have tried to import google certificate and private key to my own >> keystore >> >> $ openssl pkcs12 -export -out ldap.google.com.pkcs12 \ >> >> -inkey gldap.key -in gldap.crt >> >> >> $ keytool -v -importkeystore -srckeystore ldap.google.com.pkcs12 \ >> >> -srcstoretype PKCS12 -destkeystore cacerts -deststoretype JKS >> >> >> and point Jenkins to it >> >> -Djavax.net.ssl.keyStore=/var/jenkins_home/.cacerts/cacerts >> -Djavax.net.ssl.keyStorePassword=changeit >> >> >> But without success. Did I miss something? >> >> -- Your feedback matters - At Knoldus we aim to be very professional in our quality of work, commitment to results, and proactive communication. If you feel otherwise please share your feedback <https://forms.gle/Ax1Te1DDpirAQuQ8A> and we would work on it.
-- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/6aff3646-6ba2-4f05-8a3a-4adb7c37c6eeo%40googlegroups.com.
