Set up Jenkins with HTTPS

Jeansen - Feb 25 '23 - - Dev Community

Here is a quick guide on how to set up Jenkins with HTTPS. There are numerous guides available, already. And I read some of them. But two things struck me odd. First, some guides want you to change the central systemd file for Jenkins (instead of an override file) and secondly, they want you to create a JKS file (instead of PKCS #12).

So, my words of warning: Never overwrite files in /etc/systemd/system. These files are manged by your system and package manager. If you want to add or change settings for Jenkins, use /etc/systemd/system/jenkins.service.d/override.conf. JKS is a proprietary format. PCKS #12 on the other hand, is an industry standard and also the default keystore format since Java 9!

Generate SSL certificate

First, you'll need a certificate. You can create one with openssl:

 openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out jenkinns.pem
Enter fullscreen mode Exit fullscreen mode

Naturally, if you already have a certificate, you do not need to create a new one. But you'll have to convert it to a PKCS #12 file.

Continuing with the example above, you'll have to merge the files key.pem and jenkins.pem in a PKCS #12 keystore:

openssl pkcs12 -inkey key.pem -in jenkins.pem -export -out jenkins.p12
Enter fullscreen mode Exit fullscreen mode

Finally, put the file jenkins.p12 somewhere accessible to Jenkins. I put it in /var/lib/jenkins.

sudo mv ./jenkins.p12 /var/lib/jenkins
# I assume you run Jenkins with default settings. If you run it with a different user, you'll have to adapt the 'chown', of course!
sudo chown jenkins:jenkins /var/lib/jenkins/jenkins.p12
Enter fullscreen mode Exit fullscreen mode

Enable HTTPS in Jenkins service

With a new and shiny keystore in place, tell Jenkins how to use it. Create the file /etc/systemd/system/jenkins.service.d/override.conf and put the following content in it.

[Service]
Environment="JENKINS_HTTPS_PORT=8443"
Environment="JENKINS_HTTPS_KEYSTORE=/var/lib/jenkins/jenkins.p12"
Environment="JENKINS_HTTPS_KEYSTORE_PASSWORD=<your-password>"
Enter fullscreen mode Exit fullscreen mode

Now, restart the Jenkins service.

sudo systemctl daemon-reload

sudo systemctl restart jenkins.service
Enter fullscreen mode Exit fullscreen mode




All done

Accessing https://localhost:8443 now should give you the Jenkins login page, but with a valid and secure https connection.

Image
Why You Should Concentrate On The Improvement Of Locked Out Of Car No Spare Key
Image
Spare Car Keys Cost Tools To Ease Your Daily Lifethe One Spare Car Keys Cost Trick Every Individual Should Learn
Image
5 Laws That Will Help The Mesothelioma Asbestos Lawyer Industry
Image
Why We Enjoy Asbestos Cancer Law Lawyer Mesothelioma Settlement (And You Should Also!)
Image
What's Holding Back The Repair Bifold Door Top Roller Industry?
Image
Why We Love Bi Fold Door Repair (And You Should, Too!)
Image
Allbet Casino Gems: Discovering Hidden Treasures
Image
Allbet Casino Delights: Navigating the Virtual Realm
Image
Setting Up a Private Storage account for a Company

aws, cloudcomputing, beginners, cloudpractitioner
Image
Why No One Cares About Locked Out Of Car No Spare Key
Image
ش
Image
How to Install a UPVC Door Panels Cat Flap
Image
What Spare Key For Car Experts Want You To Be Able To
Image
Cat Flap Installation Near Me
Image
My 7-Day Journey with HackQuest Co-Learning Camp 10: Exploring the Future of AI and Web3 with Gaia

learnwithhq, 14daysoflearning
Image
Cat Flap Installation Into Glass
Image
The Complete List Of Hook Locks For Doors Dos And Don'ts
Image
10 Top Mobile Apps For Car Keys Lost
Image
Game On: The Asiagaming Free Credit Advantage
. . . . . . . . . . .
Terabox Video Player