• 2.308

      JKS keystore is known to be broken / insecure.

      In some environments JKS may not be the default keystore (or may not be possible to use due to its insecurity).

      Therefore the KeyStore used by winstone for TLS termination should either be configurable, or use the default keystore.

          [JENKINS-66379] Winstone keystore is hard coded to JKS

          James Nord created issue -
          James Nord made changes -
          Assignee New: James Nord [ teilo ]
          James Nord made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          James Nord made changes -
          Component/s New: core [ 15593 ]
          James Nord made changes -
          Remote Link New: This issue links to "winstone #165 (Web Link)" [ 26860 ]
          James Nord made changes -
          Remote Link New: This issue links to "core PR#5670 (Web Link)" [ 26861 ]
          James Nord made changes -
          Labels New: lts-candidate
          James Nord made changes -
          Status Original: In Progress [ 3 ] New: In Review [ 10005 ]
          Mark Waite made changes -
          Released As New: 2.308
          Resolution New: Fixed [ 1 ]
          Status Original: In Review [ 10005 ] New: Closed [ 6 ]
          Beatriz Muñoz made changes -
          Labels Original: lts-candidate New: 2.303.2-fixed

            teilo James Nord
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: