Title: Configuring Jenkins to accept a self signed https certificate for git
Date: 2022-03-31
Lang: en

I recently did a setup of [Jenkins](https://www.jenkins.io) that had to access git repositories via https on a server that only had a self signed certificate. Here are the bits and pieces that I had to configure.

## Ignoring SSL warnings in git

Since all git traffic was internal I chose not to bother too much about this isssue and just disable http certificate checks in git. If you run the command

    ::shell
    git config --global http.sslVerify true

an entry like this will be added to your `.gitconfig`:

    :::shell
    [http]
        sslVerify = false

We'll have to put this `.gitconfig` in a couple of places to enable Jenkins accessing the git server.

## Jenkins master
Certain operations are performed on the master itself, e.g. scanning the repo for branches in multibranch pipelines.  The `.gitconfig` mentioned above must be placed into `/var/jenkins_home/.gitconfig` on the master. In my case this was a Docker setup so I mounted the file into the container.

## Jenkins worker
Before the first build step of a pipeline actually runs Jenkins does a git checkout on the worker node. Even if you choose to run your build inside a Docker container the checkout happens before the container is actually started. So the user running the Jenkins agent must be configured with the `.gitconfig` mentioned above, too.

## Not covered here
I'm sure there are other places where a git checkout happens in Jenkins, e.g. if you do a checkout as part of a pipeline using the `checkout()` function in a Jenkinsfile. Since I don't use that functionality right now I did not bother to go into details here.