How do I configure Jenkins plugin updates to use the secure HTTPS site?

Issue

Is there a way to force the plugin updater to use the HTTPS version of the update site (e.g., https://jenkins-updates.cloudbees.com/update-center.json)?

Environment

CloudBees CI (CloudBees Core) on modern cloud platforms - Managed controller
CloudBees CI (CloudBees Core) on modern cloud platforms - Operations Center
CloudBees CI (CloudBees Core) on traditional platforms - Client controller
CloudBees CI (CloudBees Core) on traditional platforms - Operations Center
CloudBees Jenkins Enterprise - Managed controller
CloudBees Jenkins Enterprise - Operations center

Resolution

Starting from the Release 2.89.4.2 CloudBees Update Center service is consumed using exclusively HTTPS. Therefore, all the currently supported releases should download plugins exclusively over the secure connection.

See CloudBees maintenance lifecycle for currently supported releases.

This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.