E2E HTTPS Encryption for Jenkins #798
Labels
Milestone
Comments
|
Yep we can add it but totally not a priority at the moment, sorry. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the solution you'd like
In order to improve security, I would like to have an end-to-end HTTPS encryption between client and Jenkins web interface. That means not to terminate HTTPS at the ingress edge. (Communication between ingress and Jenkins is then in plain HTTP.)
For that the additional HTTPS port needs to be open in the Jenkins pod. The rest configuration is done by passing arguments to Jenkins and adding secret with Java Keystore (containing HTTPS certificates). In this case the Ingress would only work as ssl-passthrough.
Describe alternatives you've considered
Terminating HTTPS encryption at the Ingress edge would be acceptable for smaller projects with lower security requirements, but it is not acceptable in a corporate environment.
Additional context
Also communication between Jenkins and Jenkins Operator pod is in plain HTTP. That could be also another improvement.
The text was updated successfully, but these errors were encountered: