# Duplicate Java Keystore file and move into Jenkins.Ĭp $JAVA_HOME/jre/lib/security/cacerts $JENKINS_HOME/keystore/
Openssl s_client -showcerts -connect /dev/null | openssl x509 -outform PEM > ~/root_ca.pem Obtain the certificate, copy the JVM keystore for Jenkins, import the certificate into the keystore, add the trusted keystore to the Jenkins startup parameters and restart Jenkins. You can import the certificate into your JVM cacerts file using the following commands. $JENKINS_HOME - This is the path to your Jenkins home. Example would be “git-repo”, or “artifact server”. It is a value to distinguish this certificate from others. If you only have the Java Runtime Environment (JRE) installed, then you can replace $JAVA_HOME/jre with the $JRE_HOME. $JAVA_HOME - This should be the location of where your current java home is. However, you don't want to add it to the JRE cacert keystore because it will be overwritten/rewritten by the JRE, so it's best to duplicate this file for Jenkins. For an Debian/Ubuntu Linux machine, that's usually located here: $JAVA_HOME/jre/lib/security/cacerts You will need to add the certificate to your Java Certificate Authority file. In doing so, we tell the JVM that this is is a “trusted” certificate and to “ignore” any issues with it. This sometimes can confuse the JVM as it is not one of the ones on the Java “trusted” list who can provide these certificates.īecause we know that the certificate is “valid” we can import this certificate directly into the JVM. Sometimes the certificate is provided by an internal Root CA or is a Self-Signed Certificate. This is caused when the Java environment does not have information about the HTTPS server to verify that it is a valid website. That error is a common error message reported by the Java Virtual Machine.
0 kommentar(er)
