Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-31562

Remoting release process should fail if the certificate is outdated.

XMLWordPrintable

      I cannot run JNLP slaves from the web browser on default Java security setup. Seems remoting-2.53 has been release by ci_jenkinsci_org with the outdated certificate

        1. Screen Shot 2015-11-16 at 14.35.18.png
          Screen Shot 2015-11-16 at 14.35.18.png
          53 kB

          [JENKINS-31562] Remoting release process should fail if the certificate is outdated.

          Oleg Nenashev created issue -
          Oleg Nenashev made changes -
          Component/s New: core [ 15593 ]
          Component/s Original: core [ 15738 ]
          Key Original: SECURITY-231 New: JENKINS-31562
          Workflow Original: Security v1.2 [ 166986 ] New: JNJira [ 166986 ]
          Project Original: Security Issues [ 10180 ] New: Jenkins [ 10172 ]
          Status Original: Untriaged [ 10001 ] New: Open [ 1 ]

          Oleg Nenashev added a comment -

          fixed the project

          Oleg Nenashev added a comment - fixed the project

          Jesse Glick added a comment -

          I guess this should become an acceptance test using a `DockerFixture` with a specific JRE installation, so we could catch such problems mechanically before release.

          Jesse Glick added a comment - I guess this should become an acceptance test using a `DockerFixture` with a specific JRE installation, so we could catch such problems mechanically before release.

          Jesse Glick added a comment -

          Maybe also a unit test in `core` verifying that the certificate is good for at least six months or so.

          Jesse Glick added a comment - Maybe also a unit test in `core` verifying that the certificate is good for at least six months or so.

          Oleg Nenashev added a comment -

          +1

          Oleg Nenashev added a comment - +1

          Oleg Nenashev added a comment -

          Troubleshooting and "fixes": http://java.com/en/download/help/appsecuritydialogs.xml

          Oleg Nenashev added a comment - Troubleshooting and "fixes": http://java.com/en/download/help/appsecuritydialogs.xml

          Daniel Beck added a comment -

          According to KK, 2.53.2 is unaffected. Leave this open for the tests, or resolve?

          Daniel Beck added a comment - According to KK, 2.53.2 is unaffected. Leave this open for the tests, or resolve?

          Kohsuke Kawaguchi added a comment -

          I think the easier way to prevent this is to make sure the build process fails if it tries to sign with an outdated certificate.

          Kohsuke Kawaguchi added a comment - I think the easier way to prevent this is to make sure the build process fails if it tries to sign with an outdated certificate.
          Kohsuke Kawaguchi made changes -
          Summary Original: remoting-2.53 has the outdated certificate New: war/remoting release process should fail if the certificate is outdated.

            oleg_nenashev Oleg Nenashev
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: