When choosing either of these options, we need to evaluate carefully. You can either buy a certificate from a traditional certificate authority, or use a free SSL certificate. To secure Jenkins, you must use a valid SSL certificate. Even if you add username and password authentication, an attacker could sniff those over the wire unless connections to the server are protected with SSL encryption. That is risky because anyone who can sniff network traffic between the Jenkins server and a client can observe everything, including user names, passwords, and other sensitive information that Jenkins may expose when viewed over the web. When the server is not secure, confidential information can be exposed to the world via unencrypted HTTP. When using Jenkins to build iOS applications on Mac OS X, it’s very important to ensure the server is secure – both protected from unauthorized access, and having communications secured by SSL.
0 Comments
Leave a Reply. |