Allow jenkins user to sudo

This is just a quick repost of RUN A SHELL FROM JENKINS USING SUDO (UBUNTU) Disclaimer: This is UNSAFE and you should NEVER do it unless in a protected, shielded and non-public-accessible dev environment. This is not even safe enough for a permanent testing environment.

GNUPG – Email encryption and signing – full setup on Mac OSX

To sign and encrypt emails on Thunderbird one can use PGP keys. To understand the cryptography behind it and read more about PGP, please use Google. This post will just describe the setup on Mac OSX. #1 Install Thunderbird I will let you figure out that one by yourself. Get it here. #2 Install Enigmail… Continue Reading GNUPG – Email encryption and signing – full setup on Mac OSX

Export Website Certificate from Chrome on OSX

Sometimes there are problems to export a website certificate that is not trusted by one of the major CAs (self-signed or development certificates for example). Usually you’d open the certificate details in Chrome, then drag and drop the image icon to any folder on your computer (for example your Desktop). Then you’d double click it and import… Continue Reading Export Website Certificate from Chrome on OSX

Reminder: Make Docker trust certificates

According to play-with-docker.com you can trust a self-signed cert by doing the following: If you are running the registry locally, be sure to use your host name as the CN.To get the docker daemon to trust the certificate, copy the domain.crt file. Make sure to restart the docker daemon. The /dev/null part is to avoid the output… Continue Reading Reminder: Make Docker trust certificates

Docker – Add trusted root ca to local docker-machine swarm

As one might want when using a custom Docker registry with a cert signed by a custom root ca. As finding the answer to this question has proven somewhat complicated, I’ll note my approach here for future reference (excerpt): Basically, copy pem (Base64 encoded) versions of your CA trust chain into /var/lib/boot2docker/certs/. You can’t use… Continue Reading Docker – Add trusted root ca to local docker-machine swarm

Key management during Docker build

While building we often require private keys to checkout repositories or access other required, access-restricted assets. In this particular case it was a github checkout that required a private key to an account with access to the respective repository. The requirements were: The key must be present during the build process There must not be… Continue Reading Key management during Docker build

curl – SSL peer does not support certificates of the type it received – or how I learned that certificates have a purpose

Certificates have a purpose which is determined at creation time. They may not be used for other intentions than what they werer created for… Find some details on how I learned this lesson in this post. Continue Reading curl – SSL peer does not support certificates of the type it received – or how I learned that certificates have a purpose

Fix “error during connect: Get https://10.10.18.10:2376/v1.37/containers/json: x509: certificate has expired or is not yet valid”

So…this happened lately: $ docker ps error during connect: Get https://xx.xx.xx.xx:xxxx/vx.xx/containers/json: x509: certificate has expired or is not yet valid Browsing to the URL gave me: This site can’t provide a secure connection xx.xx.xx.xx didn’t accept your login certificate, or one may not have been provided. Try contacting the system admin. ERR_BAD_SSL_CLIENT_AUTH_CERT journalctl -u docker.service… Continue Reading Fix “error during connect: Get https://10.10.18.10:2376/v1.37/containers/json: x509: certificate has expired or is not yet valid”