You may want to look at setting up a reverse proxy in front of Jenkins, offloading TLS. https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-with-jenkins/ On Mon, 2020-08-03 at 15:08 -0400, Gaiseric Vandal wrote:
Changed port to 8443. That seems to have fixed it. Thanks On 7/24/2020 11:12 AM, Gianluca wrote: Trying to guess: " java.net.SocketException: Permission denied" this smells of Java not running with enough privileges to open ports below 1024 Usually on Linux systems only root can open such ports. On Friday, 24 July 2020 16:04:36 UTC+1, gaiseric.vandal wrote: I am setting up jenkins on an CentOS 8 machine. Currently have one running under Ubuntu 16. On the new machine, I am unable to get HTTPS working, even tho the config seems the same as the other machine. My partial config file is # cat /etc/sysconfig/jenkins # JENKINS_HOME="/var/lib/jenkins" JENKINS_JAVA_CMD="" JENKINS_USER="jenkins" #JENKINS_INSTALL_SKIP_CHOWN="false" JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true" JENKINS_PORT="8080" JENKINS_LISTEN_ADDRESS="" JENKINS_HTTPS_PORT="443" JENKINS_HTTPS_KEYSTORE="/etc/jenkins/jenkins.jks" JENKINS_HTTPS_KEYSTORE_PASSWORD="xxxxxxx" JENKINS_HTTPS_LISTEN_ADDRESS="0.0.0.0" JENKINS_HTTP2_PORT="" JENKINS_HTTP2_LISTEN_ADDRESS="" JENKINS_DEBUG_LEVEL="5" JENKINS_ENABLE_ACCESS_LOG="no" JENKINS_HANDLER_MAX="100" JENKINS_HANDLER_IDLE="20" JENKINS_EXTRA_LIB_FOLDER="" JENKINS_ARGS="" # I am quite certain I have the key store correct I set up with keytool -genkey -alias servername.mydomain.com<http://servername.mydomain.com> -keyalg RSA -keystore /etc/jenkins/jenkins.jks -keysize 2048 Then generated a CSR, had it signed by our internal CA. Also imported the certificates for the CA's. I have the following errors $ cat /var/log/jenkins/jenkins.log Running from: /usr/lib/jenkins/jenkins.war Exception in thread "Jenkins initialization thread" java.lang.NoClassDefFoundError: hudson/util/HudsonFailedToLoad at hudson.WebAppMain$3.run(WebAppMain.java:276) Caused by: java.lang.ClassNotFoundException: hudson.util.HudsonFailedToLoad at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:543) at java.lang.ClassLoader.loadClass(Unknown Source) ... 1 more java.io.IOException: Failed to start Jetty at winstone.Launcher.<init>(Launcher.java:184) at winstone.Launcher.main(Launcher.java:355) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at Main._main(Main.java:375) at Main.main(Main.java:151) Caused by: java.net.SocketException: Permission denied at sun.nio.ch.Net.bind0(Native Method) at sun.nio.ch.Net.bind(Unknown Source) at sun.nio.ch.Net.bind(Unknown Source) at sun.nio.ch.ServerSocketChannelImpl.bind(Unknown Source) at sun.nio.ch.ServerSocketAdaptor.bind(Unknown Source) at org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:342) at org.eclipse.jetty.server.ServerConnector.open(ServerConnector.java:307) at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:80) at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) at org.eclipse.jetty.server.Server.doStart(Server.java:385) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) at winstone.Launcher.<init>(Launcher.java:182) ... 7 more $ I also tried extracting the key and cert and tried the following /etc/alternatives/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --httpsPort=443 --httpsListenAddress=0.0.0.0 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20 --httpsCertificate=/etc/jenkins/jenkins.cer --httpsPrivateKey=/etc/jenkins/jenkins.key Same errors. I disabled selinux. Did not help. Tried linking /etc/alternative/java (default in the search path ) to Oracle 8 Java, OpenJDK8 and OpenJDK11. No luck. Appreciate any advice. Thanks -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com<mailto:jenkinsci-users+unsubscr...@googlegroups.com>. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/3eb7bec5-af4e-4f6b-ad4b-ba069b9f0f4do%40googlegroups.com<https://groups.google.com/d/msgid/jenkinsci-users/3eb7bec5-af4e-4f6b-ad4b-ba069b9f0f4do%40googlegroups.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/f7cff2c6e97c5ea87d0aa5c467e2f0a0da28b6b7.camel%40duo.nl.