How to import self signed certificate to Jenkins container?

what is the difference between certificate and public key?

A certificate contains a public key.
The certificate, in addition to containing the public key, contains additional information such as issuer, what the certificate is supposed to be used for, and other types of metadata.
Typically, a certificate is itself signed by a certificate authority (CA) using CA's private key. This verifies the authenticity of the certificate.
-https://superuser.com/questions/620121/what-is-the-difference-between-a-certificate-and-a-key-with-respect-to-ssl

then what is a self-signed certificate?

In cryptography and computer security, a self-signed certificate is a certificate that is not signed by a certificate authority (CA).
— https://en.wikipedia.org/wiki/Self-signed_certificate
in layman term, when a website implements https with self-signed certificate, you simply don't know whether they are what they claim to be.

how to import self signed certificate to Jenkins container?

[step 1] import self signed cert from target host as a pem

openssl s_client -showcerts -connect $self-signed-host:8481 </dev/null 2> /dev/null | openssl x509 -outform PEM > root_ca.pem

[step 2] add the certificate (pem) to Keystore (cacerts)

/usr/lib/jvm/jdk1.8.0_231/bin/keytool -import -alias cc -keystore cacerts -file root_ca.pem

[step 3] mount cacert to jenkins container

docker run -u root … -v /home/cert/cacerts:/etc/ssl/certs/java/cacerts jenkinsci/blueocean