Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-31562

Remoting release process should fail if the certificate is outdated.

    XMLWordPrintable

Details

    Description

      I cannot run JNLP slaves from the web browser on default Java security setup. Seems remoting-2.53 has been release by ci_jenkinsci_org with the outdated certificate

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-49905 Jenkins core build should verify Remoting code signing during the release

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            View 6 older comments
            kohsuke Kohsuke Kawaguchi added a comment -

            I think the easier way to prevent this is to make sure the build process fails if it tries to sign with an outdated certificate.

            kohsuke Kohsuke Kawaguchi added a comment - I think the easier way to prevent this is to make sure the build process fails if it tries to sign with an outdated certificate.
            kohsuke Kohsuke Kawaguchi added a comment -

            Hijacked this ticket accordingly.

            kohsuke Kohsuke Kawaguchi added a comment - Hijacked this ticket accordingly.
            oleg_nenashev Oleg Nenashev added a comment -

            I have added certificate verification to the Remoting release profile: https://github.com/jenkinsci/remoting/pull/190.
            It does not fully close the issue though

            oleg_nenashev Oleg Nenashev added a comment - I have added certificate verification to the Remoting release profile: https://github.com/jenkinsci/remoting/pull/190 . It does not fully close the issue though
            oleg_nenashev Oleg Nenashev added a comment -

            Now Remoting has a full verification on its side in PR builders.
            Core patches would be still useful, but I do not think it's critical

            oleg_nenashev Oleg Nenashev added a comment - Now Remoting has a full verification on its side in PR builders. Core patches would be still useful, but I do not think it's critical
            oleg_nenashev Oleg Nenashev added a comment -

            Detached core side to JENKINS-49905

            oleg_nenashev Oleg Nenashev added a comment - Detached core side to JENKINS-49905

            People

              oleg_nenashev Oleg Nenashev
              oleg_nenashev Oleg Nenashev
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: