How to import self signed certificate to Jenkins container?
what is the difference between certificate and public key?
A certificate contains a public key.The certificate, in addition to containing the public key, contains additional information such as issuer, what the certificate is supposed to be used for, and other types of metadata.Typically, a certificate is itself signed by a certificate authority (CA) using CA's private key. This verifies the authenticity of the certificate.-https://superuser.com/questions/620121/what-is-the-difference-between-a-certificate-and-a-key-with-respect-to-ssl
then what is a self-signed certificate?
In cryptography and computer security, a self-signed certificate is a certificate that is not signed by a certificate authority (CA).— https://en.wikipedia.org/wiki/Self-signed_certificatein layman term, when a website implements https with self-signed certificate, you simply don't know whether they are what they claim to be.
how to import self signed certificate to Jenkins container?
[step 1] import self signed cert from target host as a pem
openssl s_client -showcerts -connect $self-signed-host:8481 </dev/null 2> /dev/null | openssl x509 -outform PEM > root_ca.pem
[step 2] add the certificate (pem) to Keystore (cacerts)
/usr/lib/jvm/jdk1.8.0_231/bin/keytool -import -alias cc -keystore cacerts -file root_ca.pem
[step 3] mount cacert to jenkins container
docker run -u root … -v /home/cert/cacerts:/etc/ssl/certs/java/cacerts jenkinsci/blueocean