
Signature verification failed in update site 'default'

    • Type: Bug
    • Resolution: Fixed
    • Priority: Blocker
    • core
    • Mac OS X El Capitan 10.11
      Safari or Chrome or Firefox
      Jenkins 1.631

      Installed pkg for OS X.
      Nothing worked.
      Found out from another page that JDK needs to be installed.
      Installed JDK by going to the link via java in terminal.
      reported java version is 1.8.0_66-b17
      Had to run the uninstall.command in /Library/Application\ Support/Jenkins.
      Then ran install again and got localhost:8080 showing the Jenkins page.
      Went to Manage Jenkins and then Manage Plugins. Plugins list is blank!
      Went to advanced clicked refresh and got the error noted above.
      Clicking (show details) does nothing.
      Update site is set to:
      http://updates.jenkins-ci.org/update-center.json
      Tried other mirrors with no difference in behavior.

          [JENKINS-31089] Signature verification failed in update site 'default'

          Keith Albright created issue -

          Arlo Louis O'Keeffe added a comment -

          Seeing the same issue with Oracle JDK 1.8.0_66-b17 but on openSUSE 13.1. Rolling back to 1.8.0_60 fixes the issue.

          The message I see is similar to https://issues.jenkins-ci.org/browse/JENKINS-30739.

          Jakub Gladykowski made changes -
          Link New: This issue is duplicated by JENKINS-31102 [ JENKINS-31102 ]

          Daniel Beck added a comment -

          I wonder whether this in the patch notes is related:

          MD5 must not be used for digital signatures where collision resistance is required. In order to prevent the usage of MD5 as digital signature algorithm during X.509 certificate operations, MD5 is added to jdk.certpath.disabledAlgorithms security property. For those applications that still using MD5 signed certificate, please upgrade the weak certificate as soon as possible.

          Unfortunately it doesn't look like we have an MD5 cert…

          Could you tell me the contents of the file jre/lib/security/java.security (should be /Library/Java/JavaVirtualMachines/jdk1.8.0_XX.jdk/Contents/Home/jre/lib/security/java.security on OS X), specifically the entries jdk.certpath.disabledAlgorithms and jdk.tls.disabledAlgorithms?

          Could you try to change this property to see whether it works then by removing one of the values?

          R. Tyler Croy made changes -
          Link New: This issue is related to INFRA-387 [ INFRA-387 ]

          Arlo Louis O'Keeffe added a comment -

          The properties were not changed in java.security: https://gist.github.com/ArloL/69d40f1fd21cf1749986

          But when I add MD5 to jdk.certpath.disabledAlgorithms in 8u60 then I get the same error message.

          Signature verification failed in update site 'default' (show details)

          with the log containing these entries: https://gist.github.com/ArloL/ba77b0d4208c7fea1a4e

          JK raccoons added a comment - - edited

          same on me. Centos. jsk1.8.0_65


          Keith Albright added a comment -

          The data I have is this:

          jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

          jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768

          I tried adding MD5 to the exclusion list for tls, restarted but no change. Did same for certpath, again no change.

          Daniel Beck added a comment -

          Try removing one of or both of the RSA/DH keySize < N entries. This is the list of what's prohibited, after all (so it can't get better when adding to it).

          R. Tyler Croy made changes -
          Link New: This issue is related to JENKINS-30739 [ JENKINS-30739 ]
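
          The deny-list behaviour discussed in the comments above, as an added example (not code from this issue, from Jenkins or from the JDK): a simplified Python model of how a jdk.certpath.disabledAlgorithms value is applied to each certificate in a chain. The sample chain is constructed and is not the real update-site certificates; the matching rules (splitting the signature algorithm name on "with"/"and", comparing keySize) are an assumption that approximates the JDK's behaviour.

```python
import operator
import re

# Value reported in the thread, and the same value with MD5 added
# (the experiment described for 8u60).
REPORTED = "MD2, RSA keySize < 1024"
WITH_MD5 = "MD2, MD5, RSA keySize < 1024"

OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq, "!=": operator.ne}
RULE = re.compile(r"(\S+)\s+keySize\s*(<=|>=|==|!=|<|>)\s*(\d+)")

# Constructed sample chain (hypothetical; NOT the real update-site certificates).
SAMPLE_CHAIN = [
    {"subject": "CN=example signer", "sig_alg": "SHA1withRSA",
     "key_alg": "RSA", "key_bits": 2048},
    {"subject": "CN=example root", "sig_alg": "MD5withRSA",
     "key_alg": "RSA", "key_bits": 2048},
]

def parse_disabled(value):
    """Split a property value into banned names and key-size rules."""
    names, key_rules = set(), []
    for entry in (e.strip() for e in value.split(",")):
        m = RULE.fullmatch(entry)
        if m:
            key_rules.append((m.group(1).upper(), m.group(2), int(m.group(3))))
        elif entry:
            names.add(entry.upper())
    return names, key_rules

def rejection_reasons(cert, value):
    """List every entry of the deny-list that this certificate matches."""
    names, key_rules = parse_disabled(value)
    reasons = []
    # "MD5withRSA" is checked piecewise: digest name and key algorithm name.
    for part in re.split(r"with|and", cert["sig_alg"], flags=re.IGNORECASE):
        if part.upper() in names:
            reasons.append(f"signature algorithm part {part.upper()} is disabled")
    for alg, op, limit in key_rules:
        if cert["key_alg"].upper() == alg and OPS[op](cert["key_bits"], limit):
            reasons.append(f"{alg} key of {cert['key_bits']} bits "
                           f"matches 'keySize {op} {limit}'")
    return reasons

def check_chain(chain, value):
    """Map each certificate subject to its list of rejection reasons."""
    return {c["subject"]: rejection_reasons(c, value) for c in chain}
```

          One rejected certificate anywhere in the chain is enough for path validation to fail, so the output is most useful read per certificate: an empty list for every subject means the property value is not what blocks the chain.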
