Hi team, As we know, there're many mirrors of Jenkins update-center. But if you just look into the update-center.json file. You will find out that all the URLs of the real plugin file are the same.
I try to modify the URL plugins into a mirror one. But it's unavailable due to security reasons. Jenkins will do the validation with update-center.json file. In order to fix this, I just make my own certificate file. Before using it, you need to download the certificate file into your Jenkins. It's still very inconvenient for many users. So, I was wondering if I can get permission of accessing the official certificate file. People just don't need to do anything besides changing the URL of the update center. I know this file should not share with someone who is not a member of the Jenkins infra team. Because it's very important for all Jenkins users. An alternative solution is that we store the certificate file in a safe place. For example, store it in the GitHub secret. In case anyone wants to know more about the details. You can see this project https://github.com/jenkins-zh/update-center-mirror This is the program that modifies the update-center.json file. https://github.com/jenkins-zh/update-center-mirror/blob/2e6643b2e26dfee112793d51fe3f0270c93c91e8/.github/workflows/mirror.yaml#L82 Best regards Zhao Xiaojie (Rick) -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAMM7nTFvMJ6ARbNiyB44hY7YQ7rsLMhf_g1yktpJWCbiwFMz9g%40mail.gmail.com.
