We maintain a corporate artifact repository for Jenkins plugins (developed internally) and a *backend-update-center2** running to generate the update-center.json files... Until now we were providing a certificate to generate the update site. That way, clients should comply by including the respective CA certificate in their own Jenkins filesystem.
It happens, though, that our server is in the same network as the clients, so that the CA certificate itself does not add any relevant degree of security. Instead, it is quite annoying to be handling the certificate across servers, with many people struggling to make it work at first in their local areas just because they know nothing about these certificates. Right now we are able to generate the updates sites without the certificate. The backend-update-center2 runs just fine without them. But when I try to use these update sites in my Jenkins instance I get the error message: *No signature block found in update site 'jenkins'* I would like Jenkins to read from my custom update site without any certificate. Is there any way to tell Jenkins to skip the signature verification? (I believe the CA certificate to the public update sites is embedded into Jenkins, right?) *** We use this fork <https://github.com/sjka/backend-update-center2> from the original <https://github.com/jenkinsci/backend-update-center2> *backend-update-center2*, because it supports remote repositories other than the public Jenkins repo. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/d03ea4fb-0b59-4a05-ae52-df6b09943a77%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
