Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-66379

Winstone keystore is hard coded to JKS

    XMLWordPrintable

Details

    • 2.308

    Description

      JKS keystore is known to be broken / insecure.

      In some environments JKS may not be the default keystore (or may not be possible to use due to its insecurity).

      Therefore the KeyStore used by winstone for TLS termination should either be configurable, or use the default keystore.

      Attachments

        Issue Links

          Activity

            teilo James Nord created issue -
            teilo James Nord made changes -
            Field Original Value New Value
            Assignee James Nord [ teilo ]
            teilo James Nord made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            teilo James Nord made changes -
            Component/s core [ 15593 ]
            teilo James Nord made changes -
            Remote Link This issue links to "winstone #165 (Web Link)" [ 26860 ]
            teilo James Nord made changes -
            Remote Link This issue links to "core PR#5670 (Web Link)" [ 26861 ]
            teilo James Nord made changes -
            Labels lts-candidate
            teilo James Nord made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            markewaite Mark Waite made changes -
            Released As 2.308
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Closed [ 6 ]
            bmunoz Beatriz Muñoz made changes -
            Labels lts-candidate 2.303.2-fixed

            People

              teilo James Nord
              teilo James Nord
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: