Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11866

OpenID plugin does not work with SSL-only Jenkins

    • Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Minor Minor
    • openid-plugin
    • Debian Linux (wheezy), OpenJDK 6

      I have created a self signed cert for use with Jenkins (Winstone) so
      that I can run under SSL:
      keytool -v -genkey -alias jenkins -keypass donttell -storepass donttell -keyalg RSA -keystore jenkins.ks

      And then I have started Jenkins to run more securely by enabling
      only the SSL port (and insuring the AJP port is only accessible
      by localhost):
      java -jar /var/lib/jenkins/bin/jenkins.war --httpPort=-1 --ajp13port=8009 --ajp13ListenAddress=127.0.0.1 --httpsPort=8443 --httpsKeyStore=/var/lib/jenkins/jenkins.ks --httpsKeyStorePassword=donttell

      When attempting to add an OpenID I am directed to the provider,
      authenticate, but I'm redirected back to
      {{ http://mysite:8080/federatedLoginService/openid/finish... }} instead of
      {{ https://mysite:8443/federatedLoginService/openid/finish... }}.

      It is highly likely that this cannot be debugged until there is a
      resolution to JENKINS-11746 (as hand fixing the URL above results in
      an NPE).

          [JENKINS-11866] OpenID plugin does not work with SSL-only Jenkins

          Tom Marble created issue -

          Tom Marble added a comment -

          Hmmm I realize my Jenkins URL was not set correctly in the main config dialog

          As soon as JENKINS-11746 is resolved I'll try again.

          Tom Marble added a comment - Hmmm I realize my Jenkins URL was not set correctly in the main config dialog As soon as JENKINS-11746 is resolved I'll try again.

          kylecordes added a comment -

          As of version 1.7 at least (I didn't check anything older back) SSL-only with OpenID works 100% fine (at least for us).

          kylecordes added a comment - As of version 1.7 at least (I didn't check anything older back) SSL-only with OpenID works 100% fine (at least for us).

          This is because Jenkins root URL is not set correctly.

          Kohsuke Kawaguchi added a comment - This is because Jenkins root URL is not set correctly.
          Kohsuke Kawaguchi made changes -
          Resolution New: Not A Defect [ 7 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 142109 ] New: JNJira + In-Review [ 189974 ]

            kohsuke Kohsuke Kawaguchi
            tmarble Tom Marble
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: