如何在Jenkins Windows 2012 R2中实现https
[英]How to implement https in Jenkins Windows 2012 r2
问题描述
I need to implement Https for the Jenkins server. 
我需要为Jenkins服务器实现Https。 for that i have done the below steps. 为此,我已经完成了以下步骤。
Step 1: openssl genrsa -out domain_name_8080.key 2048 步骤1:openssl genrsa -out domain_name_8080.key 2048
Step 2: openssl req -new -key domain_name_8080.key -out domain_name_8080.txt 步骤2:openssl req -new -key domain_name_8080.key -out domain_name_8080.txt
Step 3: Send this to the internal certificate authority for generating the .cer file. 步骤3:将其发送给内部证书颁发机构以生成.cer文件。
Step 4: I created a new keystore with the command: keytool -genkeypair -keysize 2048 -keyalg RSA -alias domain.name:8080 -keystore keystore2 步骤4:我使用以下命令创建了一个新的密钥库:keytool -genkeypair -keysize 2048 -keyalg RSA -alias domain.name:8080 -keystore keystore2
Step 5: keytool -list -keystore keystore2 步骤5:keytool -list -keystore keystore2
Step 6: keytool -keystore keystore2 -importcert -alias domain_name_8080 -file Jenkinscert.cer(live cer file) 步骤6:keytool -keystore keystore2 -importcert -alias domain_name_8080 -file Jenkinscert.cer(实时cer文件)
Step 7: keytool -list -keystore keystore2 步骤7:keytool -list -keystore keystore2
Step 8: Copy the keystore2 to secrets folder 步骤8:将keystore2复制到secrets文件夹
Step 9: edit the xml file by giving the details --httpsPort=8443 --httpsKeyStore="%BASE%\\secrets\\keystore2" --httpsKeyStorePassword=P*****1 步骤9:通过提供详细信息来编辑xml文件--httpsPort = 8443 --httpsKeyStore =“%BASE%\\ secrets \\ keystore2” --httpsKeyStorePassword = P ***** 1
I followed the above steps but unable to implement https. 我遵循了上述步骤,但是无法实现https。 If anybody know how to implement https for jenkins please help. 如果有人知道如何为詹金斯实现https,请提供帮助。 I have the files .cer, .key file with me. 我有.cer,.key文件。
1 个解决方案
解决方案1
0 2018-09-08 16:29:03
Approach for real or production environments 适用于实际或生产环境的方法
The best, easy, secure, scalable and for real environments is delegate this complexity to your load balancer , proxy or something like that. 最好,简单,安全,可扩展且适用于实际环境的方法是将这种复杂性委托给您的负载均衡器,代理或类似的东西。
Advantages : 好处 :
- Centralized ssl configurations in your load balancer (apache, nginx, etc) 负载均衡器中的集中式SSL配置(Apache,nginx等)
- You just need to buy one certificate with wildcard and multi domain configuration to expose several applications with https. 您只需要购买一个具有通配符和多域配置的证书,即可使用https公开多个应用程序。
- Internal applications does not require crazy modifications for https support. 内部应用程序不需要对https支持进行疯狂的修改。 Almost all good applications must works fine regardless if is running in http or https. 无论是在http还是https中运行,几乎所有好的应用程序都必须运行良好。
Disadvantages : 缺点:
- You need a new machine($$$) to host your load-balancer (optimum way). 您需要一台新机器($$$)来承载您的负载均衡器(最佳方式)。 Is not recommended but you can host your load balancer in the same machine of your application. 不建议这样做,但是您可以将负载均衡器托管在应用程序的同一台计算机上。
- You need to learn load balancer configurations.Apache is something complex. 您需要学习负载均衡器配置。Apache是一件复杂的事情。 I prefer nginx. 我更喜欢nginx。
For Jenkins 对于詹金斯
Jenkins works perfectly with nginx configurations as previous explanation. Jenkins与nginx配置完美配合,如前所述。 Also this approach works with your own self-signed certificates to development purposes. 同样,此方法可与您自己的自签名证书一起使用,以达到开发目的。
- Nginx configuration Nginx配置
https://gist.github.com/jrichardsz/033ef1cef14b734e46c0f45a344b4b6c https://gist.github.com/jrichardsz/033ef1cef14b734e46c0f45a344b4b6c
- Apache configuration Apache配置
https://gist.github.com/jrichardsz/4743990af78f8efefa0f67ce17e8e144 https://gist.github.com/jrichardsz/4743990af78f8efefa0f67ce17e8e144
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.