Add SSL to Jenkins on CentOS 8

TheBishoyism — Tue, 14 Sep 2021 09:43:35 +0000

Run Certbot to create a new certificate and a new private key on the Jenkins Machine and follow the steps inside the command:

sudo certbot certonly --standalone

Then run the following to extract the JKS (Java Key Store) file:

openssl pkcs12 -export -in /etc/letsencrypt/live/<yourdomainname>/fullchain.pem -inkey /etc/letsencrypt/live/<yourdomainname>/privkey.pem -out /var/lib/jenkins/.ssl/certificate.p12 -name "certificate"

keytool -importkeystore -srckeystore certificate.p12 -srcstoretype pkcs12 -destkeystore cert.jks

Create a folder inside /var/lib/jenkins and call it ".ssl":

mkdir /var/lib/jenkins/.ssl

Copy the JKS file into the .ssl folder:

cp cert.jks /var/lib/jenkins/.ssl/

Change the mode and owner of the JKS file:

cd /var/lib/jenkins/
chmod 700 .ssl/cert.jks
chown -R jenkins:jenkins .ssl/

Edit the following in the /etc/sysconfig/jenkins file:

JENKINS_HTTPS_PORT="8443"
JENKINS_HTTPS_KEYSTORE="/var/lib/jenkins/.ssl/cert.jks"
JENKINS_HTTPS_KEYSTORE_PASSWORD="<your passkey here>"

then reroute port 443 to port 8443:

firewall-cmd --zone=public --add-service=https
firewall-cmd --add-forward-port=port=443:proto=tcp:toport=8443
firewall-cmd --runtime-to-permanent
firewall-cmd --reload
firewall-cmd --list-all

How To Install Certbot on CentOS 8

TheBishoyism — Mon, 13 Sep 2021 15:06:53 +0000

First, install snapd on CentOS 8

sudo dnf install epel-release
sudo dnf upgrade
sudo yum install snapd
sudo systemctl enable --now snapd.socket
sudo ln -s /var/lib/snapd/snap /snap

Installing Certbot:

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

- To run Certbot:

sudo certbot certonly --standalone

Then follow the instructions to create a certificate for your domain name

DEV Community: TheBishoyism

Add SSL to Jenkins on CentOS 8

How To Install Certbot on CentOS 8

- To run Certbot: