Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-1502

Insert new community update center root CA

    Details

    • Similar Issues:

      Description

      The current UC root CA will expire in 2021. Since this key certificate is baked into jenkins.war, it needs a plenty of time to rotate. I think two years window would be sufficient, but since I looked, we might as well start now.

      This would be an opportunity to upgrade the key used to sign it. Currently, the key strength is RSA/2048.

      Beware of the export control restriction in JVM. I don't know if it's still in place, but if it is it places a limit to the key length we can use.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                kohsuke Kohsuke Kawaguchi
                Reporter:
                kohsuke Kohsuke Kawaguchi
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: