Switch jenkins.openstack.org to a snakeoil cert
The SSL cert for jenkins.openstack.org was obtained in 2013 when this interface was more heavily used by our developer community. Since then we've rolled out 7 additional Jenkins masters and so this is no longer a useful primary reference. The only real need for authenticated connections to its WebUI at this point is systems administrators performing maintenance and minimal local configuration, for which ToFU of a self-signed cert is sufficient. Change-Id: Ibf95983a2ac76c2e9e39bcfc99643e3cac401245
This commit is contained in:
parent
1faaa18139
commit
cddd9e6265
@ -134,9 +134,9 @@ node 'jenkins.openstack.org' {
|
||||
project_config_repo => 'https://git.openstack.org/openstack-infra/project-config',
|
||||
jenkins_jobs_password => hiera('jenkins_jobs_password', 'XXX'),
|
||||
jenkins_ssh_private_key => hiera('jenkins_ssh_private_key_contents', 'XXX'),
|
||||
ssl_cert_file_contents => hiera('jenkins_ssl_cert_file_contents', 'XXX'),
|
||||
ssl_key_file_contents => hiera('jenkins_ssl_key_file_contents', 'XXX'),
|
||||
ssl_chain_file_contents => hiera('jenkins_ssl_chain_file_contents', 'XXX'),
|
||||
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
|
||||
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
|
||||
ssl_chain_file => '',
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -3,7 +3,6 @@ etherpad.openstack.org 443
|
||||
git.openstack.org 443
|
||||
groups.openstack.org 443
|
||||
groups-dev.openstack.org 443
|
||||
jenkins.openstack.org 443
|
||||
openstackid.org 443
|
||||
openstackid-dev.openstack.org 443
|
||||
review.openstack.org 443
|
||||
|
Loading…
Reference in New Issue
Block a user