Tri*_*gle 10 https http jenkins
我有一个具有本地IP的专用网络。我想为我的Jenkins服务器启用HTTPS,它是静态IP WXYZ:8080。
Jenkins version 2.9
java version "1.7.0_111"
OpenJDK Runtime Environment (IcedTea 2.6.7) (7u111-2.6.7-0ubuntu0.14.04.3)
OpenJDK 64-Bit Server VM (build 24.111-b01, mixed mode)
我已经尝试在/ etc / defaults / jenkins文件中配置以下参数
HTTP_PORT=-1
JENKINS_ARGS="--webroot=/var/cache/$NAME/war -DsessionTimeout=1 --httpPort=$HTTP_PORT --httpsPort=8081"
但是我收到以下错误。请帮忙
Running from: /usr/share/jenkins/jenkins.war
webroot: $user.home/.jenkins
Oct 19, 2016 2:18:48 PM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: Logging initialized @811ms
Oct 19, 2016 2:18:48 PM winstone.Logger logInternal
INFO: Beginning extraction from war file
Oct 19, 2016 2:18:48 PM org.eclipse.jetty.util.log.JavaUtilLog warn
WARNING: Empty contextPath
Using one-time self-signed certificate
Oct 19, 2016 2:18:48 PM winstone.Logger logInternal
INFO: Winstone shutdown successfully
Oct 19, 2016 2:18:48 PM winstone.Logger logInternal
SEVERE: Container startup failed
java.io.IOException: Failed to start a listener
winstone.HttpsConnectorFactory
at winstone.Launcher.spawnListener(Launcher.java:207)
at winstone.Launcher.<init>(Launcher.java:149)
at winstone.Launcher.main(Launcher.java:352)`enter code here`
at sun.reflect.NativeMethodAccessorImpl.invoke0
我发现这里解决了类似的问题,但对我不起作用
EDIT1:在/ etc / defaults / jenkins文件中尝试了以下更改,并重新启动了jenkins,但对我而言不起作用。
HTTP_PORT=-1
JENKINS_ARGS="--webroot=/var/cache/$NAME/war -DsessionTimeout=1 --httpPort=$HTTP_PORT --httpsPort=8443 --httpsCertificate=cert.pem --httpsPrivateKey=key.pem
您可以通过以下步骤通过HTTPS启用Jenkin,
步骤1:使用Java创建证书
keytool -genkey -keyalg RSA -alias“ localhost” -keystore“ C:\ Users \ username \ Desktop \ New folder \ localhost.jks” -validity 365 -keysize 2048 -dname“ CN = localhost,OU = OU_name,O = OU_name ,L =城市,ST =州名,C = two_letter_country_code“ -ext SAN = dns:localhost,ip:ip_address -storepass changeit
步骤2:从密钥存储文件中导出p12公共证书
keytool -importkeystore -srckeystore“ C:\ Users \ username \ Desktop \ New folder \ localhost.jks” -storepass changeit -destkeystore“ C:\ Users \ username \ Desktop \ New folder \ localhost.p12” -srcstoretype JKS -deststoretype PKCS12 -deststorepass changeit
第三步:使用密钥库(JKS)文件托管Jenkins
java -jar jenkins.war --httpsPort = 8082 --httpPort = -1 --httpsKeyStore =“ C:\ Users \ username \ Desktop \ New folder \ localhost.jks” --httpsKeyStorePassword = changeit
步骤4:将证书导入浏览器
您可能会有这样的问题,例如为什么我们要导出p12证书...嗯,我们将这个证书导入到我们访问Jenkins的浏览器中。相同的p12证书可以在多个用户之间共享。例如,在Chrome中,转到“设置”>“搜索”-“管理证书”,然后单击“管理证书”,您将获得“ 证书 ”窗口。将证书导入到每个选项卡(人员,其他人,中级证书颁发机构,受信任的根证书颁发机构,受信任的出版商和不受信任的发布者)。
| 归档时间: |
|
| 查看次数: |
33102 次 |
| 最近记录: |