This group is very helpful in resolving issues with Jenkins.
The problem is that the SSL certificate installed and certified by the root CA certificate of my Corporation still does not work with the error specified earlier. Therefore, it is important for me to get a good proven and working instruction that will allow me to follow the steps to create, sign, and install the certificate and settings in Jenkins.
Please share this link to the description or video. Thanks.
| Hi, let’s separate two completely different tasks of what you are trying to achieve: 1) Configure Jenkins server to serve itself over SSL / HTTPS 2) Use a certificate that your browser recognise as valid The documents you listed, tell you how to do point 1) and in general is left to you (or to other guides) how to do point 2) Now, from the error you see on the browser, “CERT_AUTHORITY_INVALID”, I’m pretty sure that you achieved 1) So, you actually did it !! But maybe you don’t know exactly what the error means. So, I’ll try to details to best of my knowledge (I’m not an expert of certificate authorities): - the browser tries to reach your Jenkins over port 443 (HTTPS) - Jenkins reply correctly and the browser is happy and they start to establish an SSL connection between them (that means they successfully exchanged the SSL certificate and they can encrypt the connection) - But the browser wants to be sure that the certificate has been made by some “known” trusted authority … let’s think of it like a known valid institution that produce valid certificates - … but when it looks inside the certificates, it can’t find a certificate authority that knows … and then, for safety, it stops the communication and raise an error saying that it can’t “trust” the certificate because it’s not produced by an authority that it knows. So, Jenkins is setup correctly and you did everything correctly on configure it. The last bit that remains for you is to get a “real” valid certificate from a real valid certificate authority … if you can’t, then you can’t avoid the browser giving the CERT_AUTHORITY_INVALID error. I hope that’s clear. Cheers, Gianluca. P.S.: The fact Jenkins does not have access to the Internet, doesn’t prevent you to get a valid certificate from a valid authority, like letsencrypt or other certificate authorities like Comodo SSL, and so on. We have many servers in our infrastructure without access to Internet but with valid certificate from Comodo SSL and LetsEncrypt
You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/6422CCE5-7F24-4671-A5D7-9DE43A47721E%40gmail.com. |
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/1759662953.20201213183242%40gmail.com.
