Hello Alex do you get any success in jenkins integration with stunnel? On Tuesday, February 12, 2019 at 9:45:27 PM UTC+5:30, Alex Domoradov wrote: > > Any advise? > > On Monday, February 11, 2019 at 1:37:45 PM UTC+2, Alex Domoradov wrote: >> >> Hello, >> >> Does anyone has successes in such kind of integration? Because Google >> LDAP service requires certificate authentication I can't point Jenkins >> directly to the ldaps://ldap.google.com. I have tried to use stunnel but >> without success. >> >> Jenkins: 2.150.2 >> LDAP plugin: 1.20 >> >> Jenkins settings >> >> https://i.imgur.com/rShdcmR.png >> >> https://i.imgur.com/RC0crE9.png >> >> 172.17.0.1 is the address of stunnel. I use the following config with >> stunnel >> >> # cat /etc/stunnel/ldap.conf >> [ldap] >> client = yes >> accept = 127.0.0.1:389 >> connect = ldap.google.com:636 >> cert = /etc/stunnel/gldap.crt >> key = /etc/stunnel/gldap.key >> >> >> Also I have tried to import google certificate and private key to my own >> keystore >> >> $ openssl pkcs12 -export -out ldap.google.com.pkcs12 \ >> >> -inkey gldap.key -in gldap.crt >> >> >> $ keytool -v -importkeystore -srckeystore ldap.google.com.pkcs12 \ >> >> -srcstoretype PKCS12 -destkeystore cacerts -deststoretype JKS >> >> >> and point Jenkins to it >> >> -Djavax.net.ssl.keyStore=/var/jenkins_home/.cacerts/cacerts >> -Djavax.net.ssl.keyStorePassword=changeit >> >> >> But without success. Did I miss something? >> >> -- Your feedback matters - At Knoldus we aim to be very professional in our quality of work, commitment to results, and proactive communication. If you feel otherwise please share your feedback <https://forms.gle/Ax1Te1DDpirAQuQ8A> and we would work on it.
-- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/6aff3646-6ba2-4f05-8a3a-4adb7c37c6eeo%40googlegroups.com.
