IntroductionInstallationConfiguring Helm chartsPlatform-specific configurationsVerifying Helm chartsCreating Docker imagesVerifying Docker imagesHow-tos
IntroductionSpecial-case installationsInstaller optionsServer topology best practicesDefault installation directoriesVerifying installation binaries
IntroductionDefault configurationCustom configurationExpress agentExpress agent-onlyAdvanced agent-onlyCloudBees Analytics server
IntroductionExpress serverAdvanced serverExpress agentExpress agent-only (standalone)Advanced agent-only (standalone)CloudBees Analytics server installation
IntroductionSilent install overviewSilent install argumentsLinux installation examplesWindows installation examplesLinux repository server installation exampleWindows repository server installation exampleWindows or Linux CloudBees Analytics server installation example
IntroductionUNIX agent interactive command-lineUNIX agent unattended
IntroductionPrerequisitesPermissionsInstalling via the web interfaceInstalling via the API
Moving the artifact repository in Linux
Moving the artifact repository in Windows
Connecting CloudBees CD/RO to a Microsoft SQL server
Installing the MySQL JDBC driver
IntroductionUninstalling CloudBees CD/RO on Linux, Unix, or macOSUninstalling CloudBees CD/RO on WindowsUninstalling the CloudBees Analytics Server on LinuxUninstalling the CloudBees Analytics Server on Windows
Signing in to CloudBees CD/RO
IntroductionConfiguring initial events for Workload Insights
Introduction
Microservice applications
IntroductionArtifact stagingSnapshotsRollbackManaging dependencies
IntroductionApplications and processesManaging ApplicationsCreating processesAdding process stepsProcess branchingConfiguring plugin process stepsManual steps and tasksExample: manual step with runtime parameters
IntroductionCreating environmentsCreating environment tier mapsInventory trackingEnvironment inventoryGlobal environment inventoryEnvironment reservationsEnvironment lockingModeling dynamic environmentsAutomated environment discoveryExample: dynamic environment with Amazon and Chef
IntroductionMaster Component ExamplesMaster components list
IntroductionThird-party DeploymentApplication deploy optionsDeploying and troubleshooting applicationsDeployment packagesDeployment examplesDeploying applications with provisioned cloud resourcesExample: implementing deployment strategies
Property reference use case
Creating a project
Parameters
Full-stack dependency view
Configuration drift
Attaching credentials to processes
Developer task: creating custom plugins
IntroductionRelease and Environment Reservations CalendarVisibility and Status of Release PipelinesRelease DefinitionDeploy with Argo RolloutsRelease DashboardPlanned Versus Actual ViewPath to Production ViewRelease SummaryRunning and Ending Releases
IntroductionPipeline stages and gatesPipeline access controlPipeline tasksUse API to define tasksEntry and exit gatesPipeline conditionsPipeline start and end stages and stage skippingWait dependenciesNative CI integration Pipeline UI
IntroductionDefining gate approvalsPipeline objects and conditionsPipeline stage summaryCredentials in pipelines
IntroductionExample: Creating a manual task in a pipelineExample: plugin pipeline tasksExample: integrating test automation in release pipelinesExample: leveraging test data management and service virtualization in release pipelinesExample: Surfacing Jenkins build details in Flow
Signing in to CloudBees CD/RO
Guided Tutorials
Home page
Personas
Viewing and changing access control privileges on objects
My work dashboard
Object list layout
Object schedules
Event-based triggers
IntroductionPaginationSearching and filteringHierarchy menuProperty browserProjects in CloudBees CD/ROObject tags
IntroductionUsing chkconfigClusterInfoTooleccertecconfigureecdaemonecproxyecremotefilecopyZKConfigTool
IntroductionThe default zone and gateways to remote zonesSetting agent environment variablesLicensesExternal Database ConfigurationConfiguring CloudBees CD/RO to Use an Alternate DatabaseConfiguring autostart for non-root/non-sudo Linux installationsUniversal access to the plugins directoryEnvironment proxy server configurationSystem health monitoringIncreasing file descriptors on LinuxAdjusting swappiness on LinuxSetting variables on Windows agent machinesConfiguring Kibana to work with CloudBees AnalyticsServer propertiesServer settingsSource code synchronizationGitOps configuration with Helm charts
Data Retention
IntroductionPerformance consequences of change trackingEstimating database growthBest practices for change trackingConfiguring change trackingSearching the change historyViewing the change historyModifying what you see in the change historyReverting changes to a tracked object and its tracked contentsExporting a previous state of a tracked object and its tracked contents
IntroductionSetting Email NotificationsSelecting and Editing Email Messages for Application or Microservice Processes
Producing audit reports
Configuration drift
IntroductionInstalling pluginsCreating configurationsManaging pluginsCreating pluginsManaging the plugin catalog
Self-Service Catalogs
IntroductionArchitecture of a CloudBees CD/RO ClusterResource, agent, and procedure considerationsSoftware for clusteringDependencies for clusteringConfiguring clusteringSeparating agents from flow serversPreparing your cluster resourcesInstalling and configuring a load balancerInstalling ZooKeeperConfiguring a multi-ZooKeeper clusterInstalling CloudBees CD/RO softwareConfiguring repository serversConfiguring machines to operate in clustered modeRunning a cluster in single-server modeAdding the configuration to ZooKeeperUploading configuration files to ZooKeeperGetting Information on the CloudBees CD/RO server cluster from ZooKeeperAdding a node to an existing clusterConfiguring web server propertiesConfiguring repository server propertiesConfiguring CloudBees CD/RO agentsConfiguring the cluster workspaceConfiguring CloudBees CD/RO repositoriesAdding trusted agents to clustersVerifying CloudBees CD/RO servicesAccessing CloudBees CD/RO with clusteringHealth check for the CloudBees CD/RO clusterAdditional Ways to improve a clusterInstalling the CloudBees Analytics server in cluster modeUsing self-signed certificates in CloudBees CD/RO on KubernetesDisaster recovery
Introduction
Build-test automation
IntroductionScenario 1 - Creating a simple procedureScenario 2 - Creating a procedure that uses an SCMScenario 3 - Notification, scheduling, and reportingScenario 4 - Multi-agent build and test
IntroductionAutomation platform home pageCustomizing the automation platform UIConfiguring CloudBees CD/ROUsing CloudBees CD/RO in your environmentCloudBees CD/RO Installed tools
IntroductionArtifact managementAuthenticating users for ldap and active directoryAuto-discoveryDefect trackingElectricSentryJob step execution environmentPreflight buildsPostprocessorsReportsWorkflow overviewWorkspaces and disk space management
IntroductionIntrinsic propertiesReserved wordsProperty shortcutsProperty error codes
IntroductionAdding a link to a jobCalling a subprocedureChecking the outcome of preceding stepsConditional executionCustom parameter layoutsEmail notificationsExecuting tasks on all resources in a poolFactory proceduresPostp extensionPublishing and retrieving an artifactReserving a resource for the job step durationRunning steps in parallelStep timeouts and steps that always runStoring and retrieving properties in a jobWorking with properties stored in a procedure
Using special characters in object names
IntroductionDefining entriesCreate new or edit existing privileges
IntroductionArtifact detailsCreate new or edit existing artifactsArtifact versionsArtifact version detailsEdit an existing artifact versionRepositoriesCreate new or edit existing repositories
Database configuration
IntroductionCreate new or edit existing configurationsDefect tracking reports
IntroductionCreate new or edit existing email configurationsEmail notifiers
Event log
IntroductionJob configurationShortcutsJobs quick view
IntroductionCloudBees CD/RO job detailsJob step details
IntroductionProcedure runsCreate new or edit existing procedureCreate new or edit existing stepsPublish artifact version stepsRetrieve artifact version stepsSend email stepsExtract preflight sources stepsCreate new or edit existing parameters
IntroductionProject detailsCreate new or edit existing schedulesCreate new or edit existing credentials
IntroductionNested Property Sheet
Reports
IntroductionResource poolsCreate new or edit existing poolsResource pool details
IntroductionSearch resultsEdit existing property settings
IntroductionCreate new or edit existing configurations
IntroductionUsersCreate new or edit existing local usersUser detailsEdit user settingsGroupsCreate new or edit existing groupsGroup detailsCreate new or edit existing directory providersSingle sign-onTest directory provider
IntroductionCreate new or edit exiting workflow definitionsWorkflow definition detailsRun workflowWorkflow detailsWorkflow logTransition workflow
IntroductionCreate new or edit existing workspacesWorkspace file

CloudBees CD/RO Self-Signed Server Certificate Fails Security Scan

2 minute readTroubleshooting

Description

You might need to replace the self-signed CloudBees CD/RO server certificate if it fails the security scan.

If you are using a certificate authority (CA) certificate or an intermediate CA certificate instead and it has expired, see CA Server Certificate Expires for details about updating it.

There are three relevant configuration entries in the server/conf/commander.properties file:

COMMANDER_HTTPS_PORT=8443
COMMANDER_KEYSTORE=file:conf/keystore
COMMANDER_KEYSTORE_PASSWORD=abcdef

Where:

  • COMMANDER_HTTPS_PORT configures the SSL port

  • COMMANDER_KEYSTORE is the location of the java keystore where the CloudBees CD/RO HTTP server finds its host certificate

  • COMMANDER_KEYSTORE_PASSWORD is the password to the keystore

Workaround

Follow these steps to generate and inject a self-signed certificate for 1 year.

  1. Back up the keystore file.

  2. Delete the original key.

    user@USER /cygdrive/c/ProgramData/cloudbees/sda/conf
$ "c:/Program Files/cloudbees/sda/jre/bin/keytool" -delete -alias jetty -keystore keystore -keypass passkey
Enter keystore password: abcdef

  3. Generate and inject a new certificate.

    user@USER /cygdrive/c/ProgramData/cloudbees/sda/conf
$ "c:/Program Files/cloudbees/sda/jre/bin/keytool" -keystore keystore -alias jetty -genkey -keyalg RSA -sigalg MD5withRSA -validity 365
Enter keystore password: abcdef
What is your first and last name?
  [Unknown]:  localhost
What is the name of your organizational unit?
  [Unknown]: <Enter>
What is the name of your organization?
  [Unknown]: <Enter>
What is the name of your City or Locality?
  [Unknown]: <Enter>
What is the name of your State or Province?
  [Unknown]: <Enter>
What is the two-letter country code for this unit?
  [Unknown]: <Enter>
Is CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
  [no]:  yes
Enter key password for <jetty>
  (RETURN if same as keystore password): <Enter>
. Restart the server.

    Your new certificate will look similar to this:

    user@USER /cygdrive/c/ProgramData/cloudbees/sda/conf
$ "c:/Program Files/cloudbees/sda/jre/bin/keytool" -list -v -keystore keystore_orig -keypass passkey
Enter keystore password: abcdef
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: jetty
Creation date: Jan 31, 2012
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
Issuer: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown

Serial number: 4f28603f
Valid from: Tue Jan 31 13:42:23 PST 2012 until: Wed Jan 30 13:42:23 PST 2013
Certificate fingerprints:
MD5:  38:50:CD:29:8C:16:3A:78:29:0F:45:56:E0:CA:42:D9
SHA1: 9B:A3:E4:EA:A7:C0:3A:ED:BF:63:24:18:F0:08:78:22:59:85:BC:8A
Signature algorithm name: MD5withRSA
Version: 3
*******************************************
*******************************************
Windows PHP does not handle time zones correctly
The AES passkey was accidentally overwritten