You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some JIRA installs enforce TLS 1.2 on the server side. This is good, and should be encouraged.
In this scenario, PowerShell 5.1 doesn't know what in the world is happening, and New-JiraSession fails with no helpful error message.
Furthermore, this module already includes a proxy function for Invoke-WebRequest, so that some of the new PowerShell version 6.0 functionality could be ensured. (See commit 81e12ff.) One of those features is new parameter -SslProtocol, which we should leverage, instead of new private function Set-TlsLevel. (See commit 9a5b636.)
Expected Behavior
New-JiraSession establishes a new JIRA session, regardless of security level.*
* - No opinion on whether users should be warned about insecure HTTP sessions, since JiraPS currently uses basic authentication on its API calls
Current Behavior
New-JiraSession fails if a TLS 1.2 session is enforced.
Possible Solution
In order of preference:
Seamless, transparent handling of TLS 1.2 connections
An exposed parameter on New-JiraSession to pass through -SslProtocol to the Invoke-WebRequest private proxy function
Steps to Reproduce (for bugs)
Enforce TLS 1.2 in a server installation's server.xml, then try New-JiraSession
Context
I fully support people trying to make their environments more secure by enforcing best practices. The module(s) should strive to support that whenever possible/feasible.
Some JIRA installs enforce TLS 1.2 on the server side. This is good, and should be encouraged.
In this scenario, PowerShell 5.1 doesn't know what in the world is happening, and
New-JiraSessionfails with no helpful error message.Furthermore, this module already includes a proxy function for
Invoke-WebRequest, so that some of the new PowerShell version 6.0 functionality could be ensured. (See commit 81e12ff.) One of those features is new parameter-SslProtocol, which we should leverage, instead of new private functionSet-TlsLevel. (See commit 9a5b636.)Expected Behavior
New-JiraSessionestablishes a new JIRA session, regardless of security level.** - No opinion on whether users should be warned about insecure HTTP sessions, since JiraPS currently uses basic authentication on its API calls
Current Behavior
New-JiraSessionfails if a TLS 1.2 session is enforced.Possible Solution
In order of preference:
New-JiraSessionto pass through-SslProtocolto theInvoke-WebRequestprivate proxy functionSteps to Reproduce (for bugs)
Enforce TLS 1.2 in a server installation's
server.xml, then tryNew-JiraSessionContext
I fully support people trying to make their environments more secure by enforcing best practices. The module(s) should strive to support that whenever possible/feasible.
Related Issues (based on a quick search):
Your Environment
JIRA Server, 7.9 or 7.10
JiraPS 2.7
PowerShell 5.1
The text was updated successfully, but these errors were encountered: