CI-CD connectors broken after upgrading to pol-2406 - Jenkins webhooks timing out

We upgraded our Polarion instance to pol-2406 last week and immediately all Jenkins webhook integrations stopped working. The connectors were functioning perfectly on pol-2310 but now every webhook request times out after 30 seconds.

Jenkins logs show webhook POST requests failing with signature validation errors:

HTTP 401: Webhook signature verification failed
Expected HMAC-SHA256 header not found
Connection timeout after 30000ms

This is blocking our entire release pipeline - we can’t trigger automated test runs or deployment workflows. The CI-CD connector configuration in Polarion Admin looks identical to our previous setup. Has anyone dealt with webhook signature validation changes in pol-2406? We’re desperate to get our automation back online.

You’re dealing with multiple issues here based on your description. Let me walk through the complete fix for pol-2406 webhook problems:

Step 1: Webhook Signature Validation Setup Delete all existing CI-CD connectors in Polarion Admin > CI-CD Connectors. The pol-2406 upgrade doesn’t automatically migrate connector security settings. When you recreate each Jenkins connector, Polarion generates a new webhook URL with embedded HMAC-SHA256 signing secret. Copy these URLs exactly - they contain the authentication token Jenkins needs.

Step 2: Connector Migration Process In Jenkins, update each webhook configuration with the new Polarion URLs. Critical: verify your Jenkins version supports HMAC-SHA256 headers. You need Jenkins 2.400+ or the Polarion Plugin 3.2+. Older versions expect SHA1 signatures and will reject the new format.

Step 3: HMAC-SHA256 Header Validation Test each webhook with curl before enabling in Jenkins:

curl -X POST https://your-polarion/api/webhook \
  -H "X-Polarion-Signature: sha256=your_signature" \
  -H "Content-Type: application/json"

If this returns 401, the signature isn’t being calculated correctly. Regenerate the connector in Polarion.

Step 4: Tomcat Service Restart This is crucial and often overlooked. Polarion caches webhook authentication settings in memory. After recreating all connectors, restart the Tomcat service:

sudo systemctl restart polarion-tomcat

Without this restart, Polarion may continue using old authentication rules even with new connectors configured.

Timeout Issue Resolution The 30-second timeouts you’re seeing are actually authentication failures, not network issues. Once the HMAC-SHA256 validation works, response times should drop to under 2 seconds. If timeouts persist after following these steps, check your Jenkins webhook timeout settings - increase them to 60 seconds temporarily while testing.

Sprint Boundary Timing One more thing: if you’re in the middle of an active sprint, wait until sprint closure to migrate connectors. We had issues with in-flight webhook deliveries getting lost during the connector recreation process. Schedule the migration during a sprint boundary to avoid losing CI-CD event notifications.

After following this process our Jenkins integration has been rock solid on pol-2406. The key is the Tomcat restart - that fixed the persistent authentication errors we were seeing even after connector migration.

I hit this exact issue two weeks ago during our pol-2406 upgrade. The problem is that pol-2406 introduced mandatory HMAC-SHA256 signature validation for all webhook endpoints. Your old connector configurations don’t include the signing secret that Polarion now requires to authenticate webhook payloads. Check your Jenkins connector settings in Polarion - you’ll need to regenerate the webhook URLs with new security tokens.

We recreated all the connectors as suggested but still getting timeouts. The X-Polarion-Signature header is present now but Jenkins is rejecting it. Could this be a Tomcat configuration issue? Our Tomcat service has been running continuously since before the upgrade - wondering if a restart would help clear any cached authentication settings.