most people do not have Jenkins do the TLS transport directly but instead front Jenkins with an SSL engine if they need SSL... thus more correctly you should ask:
* have I configured by Jenkins instance to serve HTTPS * did I use Jenkins's native container and its native TLS support or did I use Nginx/Apache HTTPD/HAProxy/etc Once you have determined who is doing the TLS then you can ask whether the issue is present in that software... IOW it is one of: * The JVM * Nginix * Apache HTTPD * HAProxy * etc Jenkins itself does not have a "private" ssl implementation On 5 June 2014 13:40, Dave Dash <[email protected]> wrote: > Does anybody know if Jenkins is susceptible to this: > > http://www.openssl.org/news/secadv_20140605.txt > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
