I am new for jenkins admin.
As preparation for update 2.89.4 to latest with refreshing SSL certification, checking this docs now.
Initial Settings (jenkins.io)
According to this article, sha2 is not verified. I wonder if this still valid?
sha1 to sha2 fammily migration has been old topic now, 2023. But to create CSR/signed with sha1 based hash is still required to build SSL hosted Jenkins??
Definitely not required to build an SSL hosted Jenkins.
Those instructions were copied from the Jenkins wiki page in 2020 and have not been updated since that copy. You’re encouraged to provide corrections to that page based on current recommendations. A pull request would be much appreciated, especially since you’re doing that configuration now.
I’m more comfortable with certbot for SSL certificate generation, but it is limited to Unix variants and does not support Windows
2.89.4 was released in 2018-02-14, thats more than 5 years ago. You may want to look into upgrading to something newer that has security fixes.
Thank you for prompt reply.
I am trying to installing sha256 based certification in test lab.
Rather than version of Jenkins, more focus would be needed at JRE version but my environment could be enough.
I will be back here after getting success of installing modern certification.
Yes, that is something old.
Partner at Dev side agreed to update bring current one to Jenkins 2.346.3 or newer.
Thanks!