Forcing Jenkins to use TLSv1.2 for LDAP connections

29 views

Skip to first unread message

Joshua Schaeffer

unread,

Sep 20, 2016, 1:29:54 PM9/20/16

to Jenkins Users

I'm trying to setup Jenkins to connect to my OpenLDAP server for SSO, but it appears that when it tries to connect it uses TLS1.0. I currently have this disabled on my LDAP server and would like to keep it that way if possible. If I enable 1.0 then I can connect successfully. How can I tell Jenkins to use TLSv1.2 when connecting to LDAP? I currently have this in my /etc/default/jenkins file:

jschaeffer@warpgate:~$ cat /etc/default/jenkins | grep "JAVA_ARGS"

JAVA_ARGS="-Djava.awt.headless=true" # Allow graphs etc. to work even when an X server is present

#JAVA_ARGS="-Xmx256m"

JAVA_ARGS="-Djava.net.preferIPv4Stack=true" # make jenkins listen on IPv4 address

JAVA_ARGS="-Dhttps.protocols=TLSv1.2"

But that hasn't made any difference, so I'm assuming that is just for HTTPS traffic. Also, is it possible to tell Jenkins which ciphers to use when connecting?

Thanks,

Joshua Schaeffer

Reply all

Reply to author

Forward

0 new messages