Issue

• I want to configure Client Master with HTTPS and connect it to a CJOC

Environment

• CloudBees Jenkins Platform - Client Master (CJP-CM)
• CloudBees Jenkins Platform - Operations Center (CJP-OC)

Resolution

CJOC is not a HTTPS/SSL/TLS endpoint

CJOC does not initiate the connection to the master, so it doesn’t care if the master is on HTTPS or HTTP.

CJOC is a HTTPS/SSL/TLS endpoint

The Client Master initiates the connection to CJOC. In order for the Client Master to discover the agent port that CJOC is listening on you need to give the master the TLS cert of CJOC. There are two ways to do that:

1. Using CJOC feature

(This is the recommended solution as you have complete control and can be assured that the cert is validated for discovery)
If using versions of the OC plugins released after Feb 18th 2016 ( operations-center-server 1.7.17+ / 1.8.6+ and operations-center-client 1.7.6+ / 1.8.5+) you can just configure the cert in CJOC’s global security config and that cert will be added to the connection details.

You can check that the connection is successful in the Client Master Global Configuration:

2. Manually Import the Certificates

You can manually add the certificates to the master’s trust store following the documentation Client Master - Running on a TLS Endpoint.

Further References

• OC deployed on an TLS end-point using a cert that is not trusted by the client master JVM
• How to install a new SSL certificate
• Test a SSL connection from Jenkins