Last week our Gitlab SSL Certificate expired, and I noticed that all of our Jenkins jobs were all failing due to the SSL Certificate Expired.
I followed the instructions and generated a new GitLab SAN certificate using OpenSSL and applied it to the GitLab Linux Server. I verified with Chrome, and other web browsers that when browsing to our https:// GitLab website, the certificate was showing as valid and no longer displaying a certificate expired error. Every thing looks all good, but a few days later we’ve noticed that the Jenkins jobs are still failing.
Every GIT project is showing this error:
fatal: unable to access ‘https://git.ourdomain.here/jenkins/’: SSL certificate problem: certificate has expired
Jenkins is installed on a Windows Server, and so I’m not sure what else should be done. We’ve tried restarting the jenkins service, rebooting the Windows server, but jobs fail every time they run with that error. I’ve seen posts saying that on the Linux version of Jenkins, “You need to update your /etc/ssl/certs/ca-certificates.crt with the new Gitlab server certificate”. I don’t see anything cert related on the Windows Jenkins install.
Other articles mention using Jenkins with a keystore, but I think that’s only if you want to run the Jenkins website with SSL, and we don’t. So there is nothing in the jenkins.xml file about a keystore.
I cannot figure out why the GitLab site with the new cert returns that error when Jenkins tries to connect to it.