-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
Jenkins 2.93 on RHEL5 x86_64, JDK 1.8.0_152, Active Directory plugin 2.6
Even though configuration is set up to trust certificates from JDK trustStore, logging shows that actual socket factory used is TrustAllSocketFactory, which does not fail on unknown (custom) DC certificate:
Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Attempting to resolve _gc._tcp.<site>._sites.<domain> to SRV record Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Attempting to resolve _ldap._tcp.<site>._sites.<domain> to SRV record Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm SRV record found: 0 100 389 <dc>.<domain>. Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm _ldap._tcp.<site>._sites.<domain> resolved to [<dc>.<domain>:389] Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Connecting to ldap://<dc>.<domain>:389/ Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.TrustAllSocketFactory Got the certificate: [[ <boring output> ]] Dec 12, 2017 1:49:17 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Connection upgraded to TLS