• Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • core
    • Jenkins ver. 2.170
      Linux, Chrome 73.0.3683.86, IE 11.112.17134.0, Firefox 67.0b4 (64-bit)

      Jenkins ver. 2.170

      Running from shell:

      java -jar jenkins.war --httpPort=-1 --httpsPort=8443 --httpsKeyStore=jenkin.jks --httpsKeyStorePassword=TopSecret

       

      Opening from Browser getting an error:

      Chrome: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

      FireFox: Error code: SSL_ERROR_NO_CYPHER_OVERLAP 

      IE: Your TLS security settings aren’t set to the defaults

       

          [JENKINS-56747] Error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

          Gil Br created issue -
          Oleg Nenashev made changes -
          Component/s New: core [ 15593 ]
          Component/s Original: security-inspector-plugin [ 21938 ]
          Daniel Beck made changes -
          Labels Original: security New: regression security
          Gil Br made changes -
          Description Original: [Jenkins ver. 2.168|https://jenkins.io/]

          Running from shell:

          java -jar jenkins.war --httpPort=-1 --httpsPort=8443 --httpsKeyStore=jenkin.jks --httpsKeyStorePassword=TopSecret

           

          Opening from Browser getting an error:

          Chrome: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

          FireFox: Error code: SSL_ERROR_NO_CYPHER_OVERLAP 

          IE: Your TLS security settings aren’t set to the defaults

           
          New: [Jenkins ver. 2.170|https://jenkins.io/]

          Running from shell:

          java -jar jenkins.war --httpPort=-1 --httpsPort=8443 --httpsKeyStore=jenkin.jks --httpsKeyStorePassword=TopSecret

           

          Opening from Browser getting an error:

          Chrome: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

          FireFox: Error code: SSL_ERROR_NO_CYPHER_OVERLAP 

          IE: Your TLS security settings aren’t set to the defaults

           
          Gil Br made changes -
          Environment Original: Jenkins ver. 2.168
          Linux, Chrome 73.0.3683.86, IE 11.112.17134.0, Firefox 67.0b4 (64-bit)
          New: Jenkins ver. 2.170
          Linux, Chrome 73.0.3683.86, IE 11.112.17134.0, Firefox 67.0b4 (64-bit)
          Olivier Lamy made changes -
          Assignee Original: Gil Br [ gberesta71 ] New: Olivier Lamy [ olamy ]
          Gil Br made changes -
          Attachment Original: IE_SSL_HTTPS.jpg [ 46555 ]
          Gil Br made changes -
          Attachment Original: FF_SSL_HTTPS.jpg [ 46556 ]
          Gil Br made changes -
          Attachment Original: Chrome_SSL_HTTPS.jpg [ 46557 ]
          Gil Br made changes -
          Comment [ h2. Running: java -jar jenkins.war --httpPort=-1 --httpsPort=8443
          I get the Error:
          {color:#FF0000}*NET::ERR_CERT_AUTHORITY_INVALID*{color}
           
          Subject: Test site

          Issuer: Test site

          Expires on: 2 באפר׳ 2029

          Current date: 5 באפר׳ 2019

          PEM encoded chain:-----BEGIN CERTIFICATE-----

          <Lines Removed>
          -----END CERTIFICATE-----
          h2. Running: *keytool -list -v -keystore* key.jks

          Keystore type: JKS
          Keystore provider: SUN

          Your keystore contains 1 entry

          Alias name: rtcbuild_jenkins
          Creation date: Mar 19, 2019
          Entry type: trustedCertEntry

          Owner: CN=rtcbuild.orbotech.org, OU=FPD, O=Orbotech.org, L=Yavne, ST=Israel, C=IL
          Issuer: CN=subcait-isl, DC=orbotech, DC=org
          Valid from: Tue Mar 19 15:30:37 IST 2019 until: Sun Mar 17 15:30:37 IST 2024
          Signature algorithm name: SHA256withRSA
           Version: 3

          SubjectAlternativeName [
           DNSName: rtcbuild.orbotech.org
          ]

          CRLDistributionPoints [
           [DistributionPoint:
           [URIName: ldap:///CN=subcait-isl,CN=subcait-isl,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=orbotech,DC=org?certificateRevocationList?base?objectClass=cRLDistributionPoint, URIName: http://orb-crl1.orbotech.com/crl/subcait-isl.crl, URIName: http://orb-crl2.orbotech.com/crl/subcait-isl.crl]
          ]]


          AuthorityInfoAccess [
           [
           accessMethod: caIssuers
           accessLocation: URIName: ldap:///CN=subcait-isl,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=orbotech,DC=org?cACertificate?base?objectClass=certificationAuthority
          ,
           accessMethod: ocsp
           accessLocation: URIName: http://orb-crl1.orbotech.com/crl/subcait-isl.orbotech.org_subcait-isl(1).crt
          ,
           accessMethod: ocsp
           accessLocation: URIName: http://orb-crl2.orbotech.com/crl/subcait-isl.orbotech.org_subcait-isl(1).crt
          ]


           

          _________

           

          Please advise ]

            olamy Olivier Lamy
            gberesta71 Gil Br
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated: