Provide a convenient way of adding a custom root certificate authority cert
Rolf-MP opened this issue · 6 comments
What feature do you want to see added?
I would like to be able to e.g. volume map my root CA cert into a location in the Jenkins container and have the image import that/those cert(s) into the keystore being used by Jenkins at startup.
Upstream changes
No response
Hi @Rolf-MP , you should be able to do so by mounting the certificate in the container, or by building your custom image instead: is there anything blocking you in this area?
Hello Damien - thanks for your reply!
I do not have the steps handy but do remember that the ca-cert needs to be available for Tomcat/Jetty somehow if we want Jenkins to trust certificates issued by our company certificate authority.
Java/Jenkins - at least back when we originally put Jenkins in place did not use the system cacerts. I ran into a similar issue when migrating from VM to docker-image Jenkins deployment.
The title therefore says "convenient".
If - for the docker image - there would be a documented/env-var-settable location to mount the cacert to such that it would be automatically picked up for use by Jenkins at start of the container that would be convenient.
Maybe I overlooked something - very well possible ..
Might be possible by changing our entrypoint to call this:
https://github.com/adoptium/containers/blob/898a806f10921208544fea3f5fa0dcef261c4f53/21/jdk/alpine/entrypoint.sh#L25