Re: Signature verification failed in update site

2023-05-22 Thread Samir Kelekar 
Worked on a fresh Ubuntu machine while I couldn't really debug what the
problem was. Thanks


On Mon, May 22, 2023, 7:20 AM Mark Waite  wrote:

>
>
> On Sunday, May 21, 2023 at 7:42:07 AM UTC-6 Samir wrote:
>
> When I run jenkins with ZAP plugin, I get the following errors on Build.
>
> I tried changing java.security file and removing MD5 from
> jdk.certpah.disabledAlgorithms,
> Also changed RSA keySize to < 512 as also changed the command line to
> remove
> certificate checking. But nothing helps. Can you please suggest what I
> could be doing wrong?
>
> It used to work all right some time back but this error pops up now.
>
> regards,
> Samir
>
> May 21, 2023 6:29:12 PM hudson.model.UpdateSite updateData
> SEVERE: ERROR: Signature verification failed in update site
> default (show details) style='display:none'>java.security.cert.CertPathValidatorException:
> signature check failed
>
>
> As far as I can tell, that message has no relation to the Zap plugin.
> That is a message from the verifySignature method of
> the  JSONSignatureValidator in Jenkins core that is checking the validity
> of the data received from the Jenkins update center.
>
> Changing Java security settings is unlikely to help with that message.
>
> You may have misconfigured the URL of the Jenkins update center in "Manage
> Jenkins" -> "Plugins" -> "Advanced Settings" in the ""Update Site" field.
> See https://updates.jenkins.io/ for the standard value that should be
> there.
>
> If the URL of the Jenkins update center is configured correctly, then it
> is possible that there is a network device between the Jenkins controller
> and the Jenkins update center that is damaging or blocking the necessary
> data.  The network experts at your organization are probably the best
> people to consult to see if they have a proxy configured or some other form
> of network blocking.
>
> You could enable a system logger from the "System log" page to view the
> logs of the jenkins.util.JSONSignatureValidator class.  The logging
> statements in the source code may help you identify the issue in your local
> enviornment.
>
> Mark Waite
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/1307fe4b-9643-4aa4-be8a-b4f32567a6dbn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CANoiity2ba6%3D%3Df9zw2Dr-hNWEdyffneqOH72WBMxNYNBqgG6dQ%40mail.gmail.com.

Signature verification failed in update site

2023-05-21 Thread Samir Kelekar 
When I run jenkins with ZAP plugin, I get the following errors on Build.

I tried changing java.security file and removing MD5 from 
jdk.certpah.disabledAlgorithms,
Also changed RSA keySize to < 512 as also changed the command line to remove
certificate checking. But nothing helps. Can you please suggest what I 
could be doing wrong?

It used to work all right some time back but this error pops up now.

regards,
Samir

May 21, 2023 6:29:12 PM hudson.model.UpdateSite updateData
SEVERE: ERROR: Signature verification failed in update site 
default (show details)java.security.cert.CertPathValidatorException: 
signature check failed

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/3e000323-7786-4343-a18a-4598c34842e3n%40googlegroups.com.