Whitenoise

Jenkins and SSL: x509: certificate signed by unknown authority error

Introduction

David Fava

David Fava


LATEST POSTS

How to remove unused Docker images. 24th September, 2018

Setting up Graylog behind Traefik (SSL with Let’s Encrypt). LDAP auth through FreeIPA. 23rd September, 2018

Linux

Jenkins and SSL: x509: certificate signed by unknown authority error

Posted on .

This is something that really run me mad and took a while to have it sorted. Unfortunately there is not much documentation online, therefore I am posting this for personal reference and to help others who could stumble upon the same issue.

I needed to set-up a private Docker registry at Rigoblock.com as part of our CI/CD setup and obviously we wanted it over https.

This can be achieved easily with Letsencrypt just by following a couple of on-line tutorials, but it happens that I had a COMODO wildcard certificate for our testing domain.

Jenkins can be run with something like this:

However, make sure that REGISTRY_HTTP_TLS_CERTIFICATE is the entire certificate chain. With COMODO certificates you can achieve that with something like the following:

and then run the above docker command with:

Similarly, if you decide to put Jenkins behind a nginx proxy, as we did, make sure that the server section includes the following configuration variable:

David Fava

David Fava

There are no comments.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

View Comments (0) ...
Navigation