Created
April 24, 2018 15:33
-
-
Save mattchilds1/b2d7e4c07060cc6123e8cd1b3324d4c6 to your computer and use it in GitHub Desktop.
A gist to configure Jenkins to serve over 8443 (HTTPS/TLS) with a self signed certificate. Intended to be used on AWS behind an ALB serving jenkins over 443 (HTTPS/TLS) with a public certificate.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Stop jenkins service | |
sudo service jenkins stop | |
## Disable Jenkins HTTPS port | |
sudo sed -i 's|JENKINS_PORT="8080"|JENKINS_PORT="-1"|g' /etc/sysconfig/jenkins | |
## Add Jenkins HTTPS port (8433) | |
sudo sed -i 's|JENKINS_HTTPS_PORT=""|JENKINS_HTTPS_PORT="8433"|g' /etc/sysconfig/jenkins | |
## Add Jenkins HTTPS keystore | |
sudo sed -i 's|JENKINS_HTTPS_KEYSTORE=""|JENKINS_HTTPS_KEYSTORE="/opt/efs/jenkins/keystore.jks"|g' /etc/sysconfig/jenkins | |
## Add keystore password, change <keystore_password> to required password. Should be passed in from secrets manager at runtime | |
sudo sed -i 's|JENKINS_HTTPS_KEYSTORE_PASSWORD=""|JENKINS_HTTPS_KEYSTORE_PASSWORD="<keystore_password>"|g' /etc/sysconfig/jenkins | |
## Navigate to location of JENKINS_HOME and generate required keystore passing in various required info | |
cd /opt/efs/jenkins/ | |
sudo keytool -genkey -alias <external/internal_domain> -keyalg RSA -dname 'CN=<external/internal_domain>, OU=UK, O=UK, C=UK, ST=LON, L=WESTMINSTER' -storepass <keystore_password> -validity 365 -keystore keystore.jks -keypass <keystore_password> -deststoretype pkcs12 | |
sudo chown -R jenkins:jenkins /opt/efs/jenkins/keystore.jks | |
## Start jenkins service | |
sudo service jenkins start |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment