Enable support for TLS Client Certificate Auth - Githubissues

jenkinsci / generic-webhook-trigger-plugin

Can receive any HTTP request, extract any values from JSON or XML and trigger a job with those values available as variables. Works with GitHub, GitLab, Bitbucket, Jira and many more.

https://plugins.jenkins.io/generic-webhook-trigger

404 stars 159 forks source link

Enable support for TLS Client Certificate Auth #247

Closed mkjkec2005 closed 1 year ago

mkjkec2005 commented 1 year ago

Hi,

Please find the Jenkins and plugin version details below.

Jenkins: 2.289.2 Generic Webhook Trigger: 1.74

We are trying to set up an encrypted Jenkins and the need is to secure all communication. mtls functionality is offered by the Bitbucket branch source plugin.

-Mohan

mkjkec2005 commented 1 year ago

@tomasbjerre could you please check this request?

tomasbjerre commented 1 year ago

The only thing I find with TLS in that plugin is here: https://github.com/jenkinsci/bitbucket-branch-source-plugin/blob/ade16a1aa29a4f5755d7cf9334a813a6eb69d65d/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketClientCertificateAuthenticator.java

The plugin uses TLS to communicate with Bitbucket. This plugin just receives requests, it does not open new connections. So I'm not really sure what you are looking for here.

mkjkec2005 commented 1 year ago

Can we use TLS to communicate with Bitbucket in generic-webhook-trigger-plugin also?

mkjkec2005 commented 1 year ago

@tomasbjerre we want to use Jenkins in a completely secure environment (use mTLS), hence this request.

mkjkec2005 commented 1 year ago

@tomasbjerre Could you please help on this topic?