TLS version supported by Jenkins core


When setting up Jenkins to operate over TLS, which version of the protocol are supported?



Since Jenkins 2.61 and 2.73.1, the Jetty version used in Jenkins doesn’t support the version 1.0 nor 1.1 of the TLS protocol.
Because of this, any reverse proxy not supporting the version 1.2 will make your instance unreachable.
You will still be able to reach the instance by bypassing the reverse proxy.

There are three solutions for this problem:

  • upgrade your reverse proxy to support the version 1.2 of TLS protocol,
  • use HAProxy or another reverse proxy to serve the TLS encryption and let Jenkins serve an un-encrypted protocol,
  • deploy jenkins in an application which is still allowing to use these old protocols (Apache Tomcat 8.5.x)
Have more questions? Submit a request


Please sign in to leave a comment.