Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-51577

Windows service wrapper for slave.jar can not connect to a SSL configured master

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • Master: Jenkins ver. 2.107.3 on CentOS 7.4
      Slave: Windows Server 2016 (and other versions)
    • Jenkins 2.177

      TLS1.0 is considered broken and obsolete and a growing number of servers no longer support the protocol by default. The Jenkins master web server is one of them, and disabled TLS1.0 in some recent update, when the server is set up for HTTPS communication.

       

      The Windows service wrapper used to start slave.jar as a service on Windows is written in .NET. For some reason Microsoft has set TLS1.0 as default protocol for the .NET Framework. Thus the service wrapper can not connect to a HTTPS configured master and download updates of slave.jar.

       

      If a recent enough .NET Framework is installed in the Windows environment, the default behavior can be changed both run-time/per-process and with system settings: https://johnlouros.com/blog/enabling-strong-cryptography-for-all-dot-net-applications

       

      It would be great if the service wrapper could be updated to override the default system settings.

            oleg_nenashev Oleg Nenashev
            njesper Jesper Andersson
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: