Login/Register
Jenkins + Apache + SSL = no available updates
Asked Answered
apachessljenkinsmod-ssl
T

1

4

I have followed this tutorial and many others:

https://wiki.jenkins-ci.org/display/JENKINS/Running+Jenkins+behind+Apache

However, none of my attempts have been successful:

  1. When I go to Plugin Manager -> Available, it says "No updates"
  2. When I go to Plugin Manager -> Advanced -> Check Now, it says "Checking Updates..." and then nothing happens.
  3. Looking at Apache and Tomcat logs, nothing shows up.

  4. Looking at browser console, no errors appear. However, I get warnings like this one:

    [blocked] The page at 'https://mywebsite.com/jenkins/pluginManager/checkUpdates' was loaded over HTTPS, but ran insecure content from 'http://updates.jenkins-ci.org/updates/hudson.tools.JDKInstaller.json.html?id=hudson.tools.JDKInstaller&version=1.544': this content should also be loaded over HTTPS.

Looking at this, I realize the plugin manager wasn't designed for https, because it makes ajax requests for non-SSL endpoints.

So what's the right solution to this? Is there an HTTPS endpoint to use for downloading plugins? Do I need to use a different browser?

Thanks.

Tybalt answered 19/12, 2013 at 6:39 Comment(0)
M
6

There is an HTTPS endpoint to use:

https://updates.jenkins-ci.org/update-center.json
Meghan answered 27/2, 2014 at 6:0 Comment(5)
While the endpoint is HTTPS, the URLs in the response are not. Thus completely defeating the purpose.Tybalt
Ah. Does it still give AJAX warnings when you actually attempt to install a plugin? I didn't test that far.Meghan
I believe this is the relevant Jenkins issue: issues.jenkins-ci.org/browse/JENKINS-20641Allene
Hmm... the file already has SHA1 checksums as Kohsuke suggests in that Jenkins issue. Maybe the updater is already validating the plugin?Meghan
In case of SSL issue you may refer thisLebkuchen

© 2022 - 2024 — McMap. All rights reserved.