[JENKINS-29288] TLS 1.2 depreciation

Type: Improvement
Resolution: Unresolved
Priority: Major
Component/s: core
Labels:
- HTTPS
- SSL
- configuration
- security

Similar Issues:
Powered by SuggestiMate

Show

Hi there,

I was wondering if we can have the SSL subsystem move away from TLS 1.2 and use forward secrecy and either AES-GCM or CHACHA20_POLY1305 as per the depreciation of TLS features / algorithms?
I am by no means an expert but I noticed when I enabled HTTPS on the default jenkins install (from a fresh apt-get on a new machine) and imported my SSL certificates into the keystore, that the first warning that Chrome gave was about the outdated TLS 1.2 connection method.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

tls.png
9 kB
2015-07-08 12:00

Ian Moroney created issue - 2015-07-08 12:01

R. Tyler Croy made changes - 2016-07-25 23:51

Workflow

Original: JNJira [ 164158 ]

New: JNJira + In-Review [ 181531 ]

Oleg Nenashev made changes - 2017-04-15 22:54

Component/s		New: core [ 15593 ]
Component/s	Original: security [ 15508 ]

Assignee:: Unassigned

Reporter:: Ian Moroney

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2015-07-08 12:01

Updated:: 2017-04-15 22:54

Jenkins

Details

Description

Attachments

Attachments

Activity

People

Dates