In Jenkins -> Manage Plugins, I observe this message:
There were errors checking the update sites: None of the tool installer metadata passed the signature check
My question is: How can I manually check the signature of updates in order to determine if they are valid?
Subsidiary question, how can I determine the cause of this error?
UPDATE: In the meantime it seems the expired cert has been renewed:
https://updates.jenkins-ci.org/updates/hudson.tools.JDKInstaller.json.html
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 3735928570 (0xdeadbefa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=San Jose, O=Jenkins Project, CN=Kohsuke Kawaguchi/[email protected]
Validity
Not Before: Nov 19 21:21:39 2018 GMT
Not After : Nov 19 21:21:39 2019 GMT
Subject: C=US, ST=California, O=Jenkins Project, CN=Community Update Center
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
So for me the issue seems solved.