RE: Standalone mirrored update site without signature checking

41 views
Skip to first unread message

Bilsby David C

unread,
Sep 21, 2016, 5:17:03 AM9/21/16
to jenkins...@googlegroups.com

OK I think I have fixed this myself. To disable signature checking on the update file you need to set the hudson.model.DownloadService.signatureCheck variable to false. I did this through a groovy script added to the %JENKINS_HOME%\init.groovy.d directory. The script I used contained the following:

 

import jenkins.model.*

try

{

  hudson.model.DownloadService.signatureCheck=false;

  println(“Disabled signature checking for update service.”);

}

catch (MissingPropertyException e)

{

  println(“No signature check disable property found!”);

}

 

 

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/57d040ca.c2111c0a.8061b.4bf3SMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. QinetiQ may monitor email traffic data and also the content of email for the purposes of security. QinetiQ Limited (Registered in England & Wales: Company Number: 3796233) Registered office: Cody Technology Park, Ively Road, Farnborough, Hampshire, GU14 0LX http://www.qinetiq.com

Jason Pyeron

unread,
Sep 21, 2016, 8:09:21 AM9/21/16
to jenkins...@googlegroups.com
> -----Original Message-----
> From: Bilsby David C
> Sent: Wednesday, September 21, 2016 05:17
>
> OK I think I have fixed this myself. To disable signature
> checking on the update file you need to set the
> hudson.model.DownloadService.signatureCheck variable to
> false. I did this through a groovy script added to the
> %JENKINS_HOME%\init.groovy.d directory. The script I used
> contained the following:
>
> import jenkins.model.*
>
> try
> {
> hudson.model.DownloadService.signatureCheck=false;
> println(“Disabled signature checking for update service.”);
> }
> catch (MissingPropertyException e)
> {
> println(“No signature check disable property found!”);
> }

Thanks, this will help us too. Ideally, we would prefere to re-sign and leave the signature checking in place. Does anyone have ideas as to that?

Bilsby David C

unread,
Sep 22, 2016, 4:58:21 AM9/22/16
to jenkins...@googlegroups.com
-----Original Message-----
From: jenkins...@googlegroups.com [mailto:jenkins...@googlegroups.com] On Behalf Of Jason Pyeron
Sent: 21 September 2016 13:08
To: jenkins...@googlegroups.com
Subject: RE: Standalone mirrored update site without signature checking

> Thanks, this will help us too. Ideally, we would prefere to re-sign and leave the signature checking in place. Does anyone have ideas as to that?

As I mentioned in the original post, I believe the backend-update-center2 package can be used to generate the JSON file with valid signatures, however from the posts I found it did not sound easy.



This email and any attachments to it may be confidential and are
intended solely for the use of the individual to whom it is
addressed. If you are not the intended recipient of this email,
you must neither take any action based upon its contents, nor
copy or show it to anyone. Please contact the sender if you
believe you have received this email in error. QinetiQ may
monitor email traffic data and also the content of email for
the purposes of security. QinetiQ Limited (Registered in England
& Wales: Company Number: 3796233) Registered office: Cody Technology
Park, Ively Road, Farnborough, Hampshire, GU14 0LX http://www.qinetiq.com.

Stephen Connolly

unread,
Sep 22, 2016, 7:05:37 AM9/22/16
to jenkins...@googlegroups.com
If you use backend-update-center2 to generate an update center, you will need to add the certificate that you use for signing into the list of trusted update center certificates (there is a special directory in JENKINS_HOME which is used as a source of trusted certs)

On 22 September 2016 at 09:57, Bilsby David C <DCBI...@qinetiq.com> wrote:
--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/57e39d23.15691c0a.d5cbc.0fabSMTPIN_ADDED_MISSING%40gmr-mx.google.com.
Reply all
Reply to author
Forward
0 new messages