Using the plugin

This page provides a few examples on how to use the Sectigo Jenkins integration for certificate issuance, renewal, and revocation. These examples can be called in the Jenkinsfile or directly in the Jenkins pipeline.

The following examples use the Credentials API and Config File Provider plugin to get the credentials and configuration file before calling the Sectigo Jenkins plugin to request or revoke a certificate.

Certificate issuance

Sample file for certificate issuance

stage('Build') {
    withCredentials([usernamePassword(credentialsId: '<Jenkins credentials id', passwordVariable: 'password',
                                        usernameVariable: 'login')]) {
        configFileProvider([configFile(fileId: 'yamlConfig', targetLocation: 'cfg.yaml',
                                        variable: 'configFile')]) {
            sectigo_jenkins_certificate name:'request certificate', operation: 'issue',
                cmHostname: 'myca.cert-manager', cmUri: 'custUri',
                cmUser:login, cmPassword: password,
                cfgFile:configFile, format:'yaml'
        }
    }
}

Certificate renewal

Sample file for certificate renewal

stage('Build') {
    withCredentials([usernamePassword(credentialsId: '<Jenkins credentials id', passwordVariable: 'password', usernameVariable: 'login')]) {
        configFileProvider([configFile(fileId: 'yamlConfig', targetLocation: 'cfg.yaml', variable: 'configFile')]) {
            sectigo_jenkins_certificate name:'renew certificate', operation: 'renew', certId:'<sslId>',
                cmHostname: 'myca.cert-manager', cmUri: 'custUri',
                cmUser:login, cmPassword: password,
                cfgFile:configFile, format:'yaml'
        }
    }
}

For auto-renewal, use operation issue with the configuration’s property sectigo_auto_renewal set to true.

Certificate revocation

Sample file for certificate revocation

stage('Build') {
    withCredentials([usernamePassword(credentialsId: '<Jenkins credentials id', passwordVariable: 'password', usernameVariable: 'login')]) {
        configFileProvider([configFile(fileId: 'yamlConfig', targetLocation: 'cfg.yaml', variable: 'configFile')]) {
            sectigo_jenkins_certificate name:'revoke certificate', operation:'revoke', certId:'<sslId>',
                cmHostname: 'myca.cert-manager', cmUri: 'custUri',
                cmUser:login, cmPassword:password,
                cfgFile:configFile, format:'yaml'
        }
    }
}