Issue
- We need to install a certificate chain as we use self signed certs in our internal docker registry.
Environment
- CloudBees Jenkins Enterprise - AWS/OpenStack/Anywhere
Resolution
To import the certificates in your cluster you have to use the certificates-update
cluster operation
cje prepare certificates-update
then you copy your certificates and all certificates chain in $CJE_PROJECT_FOLDER/certificates
, the certificate files must end with .pem
extension.
Then, you run cje apply
and the certificated will be picked up automatically and installed on all VMs/containers involved in the cluster.
Finally, you need to restart all the Managed Masters for those changes to take effect.
Note: If the SSL certificate is self-signed or uses a custom certificate authority, it needs to be trusted by the workstation running the installation (import to the default JVM .keystore
) as well as copied to the workers of the cluster.
0 Comments