Issue
-
Signature verification fails when using an update site for Plugins. Going to an update server results in the error
None of the tool installer metadata passed the signature check
Resolution
In JDK 1.8.65 some older encryption algorithms are disabled, which causes this behavior. There are two options for workaround:
Suppress the signature verification check by adding the following Java option
-Dhudson.model.DownloadService.noSignatureCheck=true
or
Modify your JDK security policy to admit insecure encryption algorithms by replacing jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 with jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 512 in the file $JRE_HOME/lib/securityjava.security