Configuring Jenkins to accept a self signed https certificate for git

31.03.2022 by Dirk Olmes

I recently did a setup of Jenkins that had to access git repositories via https on a server that only had a self signed certificate. Here are the bits and pieces that I had to configure.

Ignoring SSL warnings in git

Since all git traffic was internal I chose not to bother too much about this isssue and just disable http certificate checks in git. If you run the command

git config --global http.sslVerify true

an entry like this will be added to your .gitconfig:

[http]
    sslVerify = false

We’ll have to put this .gitconfig in a couple of places to enable Jenkins accessing the git server.

Jenkins master

Certain operations are performed on the master itself, e.g. scanning the repo for branches in multibranch pipelines. The .gitconfig mentioned above must be placed into /var/jenkins_home/.gitconfig on the master. In my case this was a Docker setup so I mounted the file into the container.

Jenkins worker

Before the first build step of a pipeline actually runs Jenkins does a git checkout on the worker node. Even if you choose to run your build inside a Docker container the checkout happens before the container is actually started. So the user running the Jenkins agent must be configured with the .gitconfig mentioned above, too.

Not covered here

I’m sure there are other places where a git checkout happens in Jenkins, e.g. if you do a checkout as part of a pipeline using the checkout() function in a Jenkinsfile. Since I don’t use that functionality right now I did not bother to go into details here.


Comments

There are no comments yet.

Leave a comment
Your name:
Comment: