Skip to content

Instantly share code, notes, and snippets.

@shanedroid
Last active February 16, 2023 10:43
Show Gist options
  • Save shanedroid/20ab6f1b50ac9a2d8713c570c165e598 to your computer and use it in GitHub Desktop.
Save shanedroid/20ab6f1b50ac9a2d8713c570c165e598 to your computer and use it in GitHub Desktop.
Add GitHub SSL Certificate to Jenkins Keystore

I needed to do this as a workaround while running Jenkins via HTTPS, for some reason I was unable to get any GitHub Webhooks to work and would see the following errs in Jenkins log:

jenkins github webhook javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  1. Fetch the certificate from local GitHub:
openssl s_client -connect www.github.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/github_public.crt
  1. Import the certificate into the keystore. (I am using Ubuntu 14.04 with Open JDK 7):
/usr/lib/jvm/default-java/bin/keytool -import -alias www.github.com -keystore /usr/lib/jvm/default-java/jre/lib/security/cacerts -file /tmp/github_public.crt
  1. Bounce Jenkins: service jenkins restart
@snps-eadam
Copy link

Thank You, This helped a lot!
Eilbron

@perkooo
Copy link

perkooo commented Mar 17, 2020

Thanks, this also helped me.

@Furytron
Copy link

Thanks. Still clear and useful information. This helped me adding sonarqube certs to Jenkins.

@Yassineelkasmy
Copy link

This problem sucks , just add an option in the gitlab extension please?!!, always wasting plenty of time for a whole team , jesus!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment