我想在Jenkins的安全性下启用LDAPS,但我的LDAP服务器有一个自签名的CERT.有没有人这样做或有一些指示这样做?我必须使用keytool吗?
在我的Dockerfile中,我正在尝试以下操作,但这不起作用:
FROM jenkins
USER root
# Install CA certs
COPY ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
RUN chmod +r /etc/ssl/certs/ca-certificates.crt
# Install the Jenkins plugin
COPY plugins.txt /usr/share/jenkins/plugins.txt
RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins.txt
# Expose container port 33838 for Jenkins UDP-based auto-discovery
EXPOSE 33848/udp
ENV JAVA_OPTS -Xmx2048m
最佳答案
事实证明我只需要在Dockerfile中添加它,其中ldap.cer是我自签名证书的证书链.
COPY ldap.cer $JAVA_HOME/jre/lib/security
RUN \
cd $JAVA_HOME/jre/lib/security \
&& keytool -keystore cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias ldapcert -file ldap.cer
