Using the plugin
This page provides a few examples on how to use the Sectigo Jenkins integration for certificate issuance, renewal, and revocation. These examples can be called in the Jenkinsfile or directly in the Jenkins pipeline.
The following examples use the Credentials API and Config File Provider plugin to get the credentials and configuration file before calling the Sectigo Jenkins plugin to request or revoke a certificate. |
Certificate issuance
Sample file for certificate issuance
stage('Build') {
withCredentials([usernamePassword(credentialsId: '<Jenkins credentials id', passwordVariable: 'password',
usernameVariable: 'login')]) {
configFileProvider([configFile(fileId: 'yamlConfig', targetLocation: 'cfg.yaml',
variable: 'configFile')]) {
sectigo_jenkins_certificate name:'request certificate', operation: 'issue',
cmHostname: 'myca.cert-manager', cmUri: 'custUri',
cmUser:login, cmPassword: password,
cfgFile:configFile, format:'yaml'
}
}
}
Certificate renewal
Sample file for certificate renewal
stage('Build') {
withCredentials([usernamePassword(credentialsId: '<Jenkins credentials id', passwordVariable: 'password', usernameVariable: 'login')]) {
configFileProvider([configFile(fileId: 'yamlConfig', targetLocation: 'cfg.yaml', variable: 'configFile')]) {
sectigo_jenkins_certificate name:'renew certificate', operation: 'renew', certId:'<sslId>',
cmHostname: 'myca.cert-manager', cmUri: 'custUri',
cmUser:login, cmPassword: password,
cfgFile:configFile, format:'yaml'
}
}
}
For auto-renewal, use operation issue with the configuration’s property |
Certificate revocation
Sample file for certificate revocation
stage('Build') {
withCredentials([usernamePassword(credentialsId: '<Jenkins credentials id', passwordVariable: 'password', usernameVariable: 'login')]) {
configFileProvider([configFile(fileId: 'yamlConfig', targetLocation: 'cfg.yaml', variable: 'configFile')]) {
sectigo_jenkins_certificate name:'revoke certificate', operation:'revoke', certId:'<sslId>',
cmHostname: 'myca.cert-manager', cmUri: 'custUri',
cmUser:login, cmPassword:password,
cfgFile:configFile, format:'yaml'
}
}
}