Bug 1817436 - Login to jenkins using Openshift-oauth is failing with SSl error
Summary: Login to jenkins using Openshift-oauth is failing with SSl error
Keywords:
Status: CLOSED DUPLICATE of bug 1804345
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Jenkins
Version: 4.3.z
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
: 4.5.0
Assignee: Akram Ben Aissi
QA Contact: Jitendar Singh
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-03-26 11:00 UTC by Arnab Ghosh
Modified: 2023-10-06 19:30 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-06-02 08:51:21 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Jenkins DC (4.41 KB, text/plain)
2020-03-26 11:00 UTC, Arnab Ghosh 		no flags Details
Jenkins POD log (59.34 KB, text/plain)
2020-03-26 11:03 UTC, Arnab Ghosh 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Github openshift jenkins pull 1045 0 None closed Bug 1804345: handle ingress certificate signed by custom ca 2020-10-27 08:21:31 UTC

Description Arnab Ghosh 2020-03-26 11:00:51 UTC 
Created attachment 1673763 [details]
Jenkins DC

Description of problem:
Customer has added an additional CA trust bundle by modifying the proxy resource after installing Openshift 4.3 cluster. The 'custom-ca' configmap exists in openshift-config project.

~~~
apiVersion: v1
items:
- apiVersion: config.openshift.io/v1
  kind: Proxy
  metadata:
    name: cluster
  spec:
    trustedCA:
      name: custom-ca
  status: {}
~~~

After configuring additional ca trust bundle, he deployed jenkins from jenkins-ephemeral template. While login to jenkins he is facing SSL error.

We have followed steps mentioned in document[1] to inject the certificate using operator. However the issue persists.

[1] - https://docs.openshift.com/container-platform/4.3/networking/configuring-a-custom-pki.html#certificate-injection-using-operators_configuring-a-custom-pki

Version-Release number of selected component (if applicable):

Openshift 4.3

How reproducible:
Not sure

Steps to Reproduce:
1. Configure additional trusted ca bundle by modifying proxy resource
2. Deploy Jenkins
3. Follow document[1] to inject the certificate to jenkins deployment
4. Try to login

Actual results:
Unable to login to jenkins

Expected results:
Should be able to login to Jenkins

Additional info:
Login to other application like grafana, prometheus is possible. The error is mostly due to jenkins being a java based application. Jenkins DC definition and POD log attached.
Comment 1 Arnab Ghosh 2020-03-26 11:03:31 UTC 
Created attachment 1673764 [details]
Jenkins POD log
Comment 3 Akram Ben Aissi 2020-04-14 08:48:12 UTC 
we have pushed the PR to solve this issue. It is pending merge: https://github.com/openshift/jenkins/pull/1045
Comment 4 Stephen Cuppett 2020-04-16 13:16:10 UTC 
Setting target release to current development version (4.5) and POST with PR up. Where fixes (if any) are required/requested for prior versions, cloned BZs will be created when appropriate.
Comment 5 Akram Ben Aissi 2020-06-02 08:51:21 UTC 

*** This bug has been marked as a duplicate of bug 1804345 ***
Note You need to log in before you can comment on or make changes to this bug.