如何在Dockerfile中为Jenkins添加SSL自签名证书？ [英] How to add a SSL self-signed cert to Jenkins for LDAPS within Dockerfile?

问题描述

我想在Jenkins的安全性下启用LDAPS，但我的LDAP服务器具有自签名CERT。有没有人这样做或有一些指针这样做？我必须使用keytool吗？

I want to enable LDAPS under security in Jenkins but my LDAP server has a self-signed CERT. Has anyone done this or have some pointers on doing this? Do I have to use keytool?

在我的Docker文件中，我正在尝试以下操作，但这不行：

In my Dockerfile I'm trying the following but this won't work:

FROM jenkins

USER root

# Install CA certs
COPY ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
RUN chmod +r /etc/ssl/certs/ca-certificates.crt

# Install the Jenkins plugin  
COPY plugins.txt /usr/share/jenkins/plugins.txt
RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins.txt

# Expose container port 33838 for Jenkins UDP-based auto-discovery
EXPOSE 33848/udp

ENV JAVA_OPTS -Xmx2048m

推荐答案

事实证明，我只需要在Docker文件中添加它，其中ldap.cer是我的自签名证书的证书链。

It turns out I just need to add this in the Dockerfile where ldap.cer is the cert chain for my self-signed cert.

COPY ldap.cer $JAVA_HOME/jre/lib/security
RUN \
    cd $JAVA_HOME/jre/lib/security \
    && keytool -keystore cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias ldapcert -file ldap.cer

这篇关于如何在Dockerfile中为Jenkins添加SSL自签名证书？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！