steps { Which version of Jenkins are you using? At first, you might think “yeaahhhh… no problem!” and you ask your network security colleagues to enable: But then, the Jenkins mirroring features hits you. This book: Emphasizes the power of basic Web technologies -- the HTTP application protocol, the URI naming standard, and the XML markup language Introduces the Resource-Oriented Architecture (ROA), a common-sense set of rules for designing ... We then received âServer returned HTTP response code: 403â because anonymous users need to be able to read the projectâs output file => (you need the plugin âMatrix Authorization Strategy Pluginâ), Manage Jenkins => Configure Global Security => Project-based Matrix Authorization Strategy: check box âOverallâ âReadâ for âAnonymous usersâ Copy link hollycoder commented Dec 28, 2012. I also tried to start java as you recommended and the updater worked fine but I got error abut unreadable data. url. Indeed, everytime I try to check updates, I have an error message on “SHA-512 digest mismatch” that is displayed. A HTTP request may contain more headers that are not set by curl or wget. Please read my above comment regarding 403. However, I ran into the same error as Pierre. Either via the update button in the GUI or via the CLI of Ubuntu. Rules were added to our firewall to allow connectivity to api.refinitiv.com and amer-{1..3}-t{1..3}.streaming-pricing-api.refinitiv.com:14002, I am not sure how to figure the details of the curl call that is failing.We are configured to use ssl, not rssl.We created an appKey but it doesn't look like it was required at any step of lpc setup.I tried both:*lpc*tokenServiceURL: https://api.refinitiv.com:443/auth/oauth2/beta1/token and*lpc*tokenServiceURL: https://api.refinitiv.com:443/auth/oauth2/v1/tokenwith the same outcome.Thank you for your helpT. For example '200' to accept only 200 or '201,301:303' to accept 201 as well as the range from 301 to 303. The work of both socio-legal scholars and specialists working in social movements research continues to contribute to our understanding of how law relates to and informs the politics of social movements. consoleLogResponseBody: false, This book shows you how to build fast, efficient, and scalable client-server solutions using the latest versions of Node. The book begins with debugging tips and tricks of the trade, and how to write your own modules. } When I restart the Jenkins container, I can access the Please wait while Jenkins is getting ready to work ... page but after it is ready, I get a 403 again. Downloading and rewriting the official update-center.json could be done with many technologies. Found insideThis book is the first of its kind to take stock of this emerging multi-disciplinary field by synthesizing what we know, identifying what we do not know and obstacles to future research, and charting a course for the future inquiry. How the agent handles the proxy within a build or release job. There were no errors during the installation, and you have added your assigned user with long password successfully? -Dhudson.model.DownloadService.noSignatureCheck=true We replaced âlocalhostâ by the name of the server where our Jenkins instance runs The consequences of this are seriousâ€"for these individuals and their families; their employers and the workforce; for the nation's economy; as well as the education, welfare, and justice systems. Given a cookie key=val, you can set it with the -b key=val (or --cookie key=val) option for curl. stages { -Dhudson.model.DownloadService.noSignatureCheck=true nohup sh -c “sleep 3600 && pkill -f SimpleHTTPServer” > /dev/null 2>&1 & How do you solve it? Already have an account? …, Hi Stefan..Issue got resolved after install Nodejs plugin. agent {label ”} I tried everything I know. Must any "hourglass" touching the hexagon, in a Sudoku Hoshi, contain the same number twice? Client servers may not start until dictionary is downloaded. Found insideWith this book you’ll learn how to master the world of distributed version workflow, use the distributed features of Git to the full, and extend Git to meet your every need. In the pipeline job, we set the name of the output file to âupdate-center.jsonâ instead of âupdate-center-updated.jsonâ. Receiving below error while updating the update center Url. Could you please paste scopes, not the token? How, to overcome this and edit an existing issue using rest api with POST method. Found insideIn six parts, this book helps you: Learn the objects and concepts for developing automation scripts with CloudForms Automate Customize the steps and workflows involved in provisioning virtual machines Create and use service catalogs, items, ... We read the current installed Jenkins version with. This is the official guide and reference manual for Subversion 1.6 - the popular open source revision control technology. Am facing issue as no valid crumb was included in the request after upgrade jenkins version. A ' reverse proxy ' allows an alternate HTTP or HTTPS provider to communicate with web browsers on behalf of Jenkins. This pocket guide is the perfect on-the-job companion to Git, the distributed version control system. rev 2021.9.8.40158. I would also enable full trace/debug in LPC config, remove log and restart LPC to see if you can gain more information in log about the response from the pricing endpoint. It only takes a minute to sign up. 403 usually means that you are not permissioned to access the service. Using LEAVE_OPEN it is your responsibility to close it after use. 'response.close ();' Specify a timeout value in seconds (default is 0 which implies no timeout). Path to the upload file, relative to build workspace or absolute path. Can be used to upload a file as multipart/form-data POST request. updateCenterJson = readFile file: 'update-center.json' httpRequest( We are configured to use ssl, not rssl. When I curl jenkins inside of the node I can reach it without any problem. . You could verify by checking access logs (https://wiki.jenkins.io/display/JENKINS/Access+Logging). Follow-Ups: [microprofile-dev] Jenkins build is back to normal : FaultTolerance-maven-snapshots #691. Found inside – Page iThis is the second edition of a reference work aimed at all those concerned with dealing with tuberculosis control in developing countries. You may not be familiar with the .htaccess file. By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy. Hi, Sorry for late reply. If you have a proxy set up in front of Stash, it may be returning the 503 due to Stash being down. One possible solution to go round this mirroring feature is to download the update-center.json, rewrite all links and then use the rewritten JSON. Could you include your Ingress object here and update the question? Please read the following I think Gianfranco reported also the same error on 10/09. If you access problem is due to crumb token issue, you can follow this short guide to resolve it. RSSL connections are disabled. One error that I needed to fix was that the resulting file must be named “update-center.json”, otherwise it won’t work even with signature check turned off (Message: “There were errors checking the update sites: The update site null does not look like an update center”). Learn more Gitblit Received HTTP code 504 from proxy after CONNECT Sounds redundant, but the curl library provided with LPC is in your running user PATH and LD_LIBRARY_PATH, user you run LPC as is root, and does not lack permissions for folders? and got: "Received HTTP code 403 from proxy after CONNECT..." when I try to connect to my repo. The 403 error is one of the many hypertext transfer protocol responses that can appear when attempting to access a web page. Note: You need to ensure, that anonymous users have read permission to your artifacts. If you aren’t allowed to communicate with the internet from within your productive Jenkins environment at all, you still have some options to choose from: If you’re allowed to communicate through a corporate proxy with the Internet, your half-way. Nothing Is it possible that my company's firewall doesn't let phpstorm and pycharm through? Too many emails? To learn more, see our tips on writing great answers. You might need to give Read access to anonymous users for that specific job: Count number of pairs across elements in a list in R? This is because the file … There are three most common solutions for this issue: If you don't mind reducing security of your Jenkins installation, you can uncheck "Prevent Cross Site Request Forgery exploits" in jenkins.com/configureSecurity section, A safer one: "Enable proxy compatibility" in the "Configure Global Security" options. Are you sure “host:8080” is pointing to your Jenkins? Any idea how to sort this out ? Checkout the Git output after setting it up to debug using this document: Debug logging for Git operations on the client. However, Jenkins is set to … But I choose Jenkins for this as well. It seems that Jenkins is checking the signature (certificates, correct_digest, correct_digest512) which are generated once the json file is generated. Two Dimensional Filter Statistics: All open Jenkins issues. Verify the proxy settings to see if a proxy is required. 2. EDIT: According to comments, a cntlm instance running locally on port 8080/tcp provides a HTTP proxy service that local applications must use in order to access internet. How can root start a process that only root can kill? The 407 Proxy Authentication Required is an HTTP response status code indicating that the server is unable to complete the request because the client lacks proper authentication credentials for a proxy server that is intercepting the request between the client and server. ; please post the actual, Sorry again about that, it has been added, Scaling front end design with a design system. Veracode APIs and integrations require access to analysiscenter.veracode.com and api.veracode.com. acceptType: 'APPLICATION_JSON', One Ubuntu 18.04 server configured with a non-root sudo user and firewall, following the Ubuntu 18.04 initial server setup guide. Is this really working for you? I have Maven Project Repository set up in Git Lab and have created Maven Project in Jenkins with Source Code as my Git lab repository. I tried setting general proxy settings in /etc/environment. Thanks for contributing an answer to Server Fault! Using endpoint address amer-3-t1.streaming-pricing-api.refinitiv.com and port 14002. archiveArtifacts 'update-center-updated.json' With authentication request, in the raw, you certainly need clientid, however LPC will generate and supply it on your behalf. Loading of the Processing plugin is too slow (hangs when restoring loaded plugins). This is the first time run after LPC is installed. Do you see "scopes" with your token? Following is alternative solution to setup python:SimpleHTTPServer Maybe you could use as well this code in order to avoid an extra redirect: pipeline { Can not execute "Hello, World!" Server Fault is a question and answer site for system and network administrators. I managed to setup the custom update site (in Jenkins 2.235). And thanks a lot for sharing further issues (together with the solutions). This volume reflects the current state of scientific knowledge about natural climate variability on decade-to-century time scales. The guide will help users in any organization, with any budget, to make the science of their communications as sound as the science that they are communicating. It worked for me as described with Jenkins version 2.160. it seems to work. Looks either your site is not HTTPS or you are using HTTP proxy. It looks like the configured update site URL is checked against some patterns. 5 days ago I got “SHA-512 digest mismatch” error as Kirill described. Period. How can I connect console from my VM, or Outside Network. So now I hope you guys can give me the magic answer. This is the first time run after LPC is installed.2. Do topmost professors have something to read daily (in their locally saturated domain)? Have you manually imported root certificates in the Trust Store as proposed in my comment from 18/06/2019 at 13:34? It looks like json file is signed or contains checksum. Jenkins might have changed that. ð We are proud to be a sponsor of Voxxed Days, ð¸ Photoshooting at the N47 office in #skopje in, Thank you @julija.muruzovic for joining us as HR M, New N47 glass whiteboards for our office in Consta, How to get a service reference or BundleContext with no OSGi context, https://updates.jenkins.io/update-center.json, http://updates.jenkins-ci.org/download/plugins/slack/2.10/slack.hpi, http://mirrors.jenkins-ci.org/plugins/slack/2.10/slack.hpi, http://ftp-chi.osuosl.org/pub/jenkins/plugins/slack/2.10/slack.hpi, https://jenkins.io/doc/book/managing/script-approval/, https://wiki.jenkins-ci.org/display/JENKINS/Standard+Security+Setup, https://docs.oracle.com/cd/E19906-01/820-4916/geygn/index.html, https://jenkins.io/doc/pipeline/steps/http_request/, https://support.cloudbees.com/hc/en-us/articles/115000494608-Why-is-there-Failed-Signature-Check-when-using-update-server-, https://plugins.jenkins.io/managed-scripts/, http://host:8080/job/Update-Center/lastSuccessfulBuild/artifact/update-center.json?id=default&version=2.222.1, https://wiki.jenkins.io/display/JENKINS/Access+Logging, https://www.north-47.com/knowledge-base/update-jenkins-plugins-behind-a-corporate-proxy/#comment-29, https://www.north-47.com/knowledge-base/update-jenkins-plugins-behind-a-corporate-proxy/#comment-17. The Configuration Database is using the file /spare/local/belemprod/elektron/refinitiv/lpc.cnf . . Program received channel reconnecting notification for socket 12 associated with LPC. Hi All, updateCenterJson = updateCenterJson.replaceAll(“https:\\/\\/updates\\.jenkins\\.io\\/download\\/war\\/”, “http://archives.jenkins-ci.org/war-stable/”) If it helped you please like â¤ï¸ or shareð this story, so others like you can find it. But let’s start with possible ways of updating Jenkins plugins. , . Superman Returns -- 6. War President -- 7. Omnipotence and Impotence -- 8. Why the Worst Get on Top ... and Get Worse -- 9. Toward Normalcy -- Afterword: Our Continuing Cult of the Presidency -- Notes -- About the Author -- Cato Institute Reverse proxy configuration. In my case, I get redirected to http://ftp-chi.osuosl.org/pub/jenkins/plugins/slack/2.10/slack.hpi. Sorry, my miss. Since the connection test worked its probably not an issue the Jenkins user is likely okay, but may not have the proper permissions to the Jenkins project to start it. Unable to connect to the server: Forbidden [root@minishift ~]# oc login -u system:admin error: Forbidden [root@minishift ~]# curl https://192.168.42.76:8443/console curl: (56) Received HTTP code 403 from proxy after CONNECT. When running the git clone command a tcpdump reveals that it is trying to connect to our proxy but lacks the authentication method/credentials. Thanks for you help, that was the problem. Hi,See my comment above. A guide to developing network programs covers networking fundamentals as well as TCP and UDP sockets, multicasting protocol, content handlers, servlets, I/O, parsing, Java Mail API, and Java Secure Sockets Extension. What does it mean, "Still tastes o'the head"? Why would the search input field not get focus when the page is loaded? https://wiki.jenkins-ci.org/display/JENKINS/Standard+Security+Setup, An alternative could be as well the suggestion from honglus to use s simple HTTP Server instead of Jenkins: https://www.north-47.com/knowledge-base/update-jenkins-plugins-behind-a-corporate-proxy/#comment-29. This volume brings together eight original essays designed to provide an overview of developments in spatial voting theory in the past ten years. cd /tmp } Specification; Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content # : status.403 oerdnj closed this on Mar 7, 2017. About the Book Testing Microservices with Mountebank introduces the powerful practice of service virtualization. From the nature of the error, it looks like LPC is failing to connect upstream, are the firewall opening provisions and connectivity upstream for LPC confirmed with client's network group/admin, per LPC Installation Guide? Issue got resolved by updating json file. Please help. You can pick whichever is more comfortable to you, so you can obtain more info. I'm using Intellij (but also tried it with SourceTree) to … Just confirming, rules on firewall are in place to open to api.refinitiv.com on port 443 and pricing endpoints both 443 and 14002 per LPC Installation Guide? I choose to install same version of jenkins in a zone where I can download. There is no need to be whitelisted on the service side. Here’s a summary of the possible errors, causes and solutions: Using âlocalhostâ in the URL gave âServer returned HTTP response code: 503â because weâre not running Jenkins locally. This tells us that the web server may return a 403 Forbidden HTTP status code in response to the request I made and indicates that the server can be reached and understood the request, but refuses to take any further action. 5 days ago Which is the best Cloud Certification for beginners? Unleash the combination of Docker and Jenkins in order to enhance the DevOps workflow About This Book Build reliable and secure applications using Docker containers. This is not SSL cert error. I have added my GIT Host to the "No Proxy Host" section under the HTTP Proxy Config. script { if you use Kubernetes, put following commands in lifecycle/postStart in container creation. site design / logo © 2021 Stack Exchange Inc; user contributions licensed under cc by-sa. Since the code for the Get Source task in builds and Download Artifact task in releases are also baked into the agent, those tasks will follow the agent proxy configuration from the .proxy file. Required fields are marked *, Home There were errors checking the update sites: IOException: Server returned HTTP response code: 403 for URL: http://host:8080/job/Update-Center/lastSuccessfulBuild/artifact/update-center.json?id=default&version=2.222.1. I tried to use your approach with the rewriting of the URLs in order to have a fixed “mirror”. Anyone have any idea?? http://localhost/job/update-center/lastSuccessfulBuild/artifact/update-center-updated.json, http://localhost/job/update-center/lastSuccessfulBuild/artifact/update-center-updated.json?id=default&version=2.235.3, As a matter of fact, if you set Update Site URL =, http://updates.jenkins.io/update-center.json, http://updates.jenkins.io/update-center.json?id=default&version=2.235.3, http://updates.jenkins.io/dynamic-stable-2.235.3/update-center.json, => However – I am not willing to use this on corporate production server – after all the signature check has a purpose. Target audiences for this book, we do not POST it application developers to it! Rss feed, copy and paste this URL into your RSS reader working! Rss feed, copy and paste this URL into your RSS reader error! Sort the issue using rest api with POST method used URL version of Jenkins in a where. And solution by your organization design scalable and reliable systems that are not set by curl or wget check! Sharing further issues ( together with the Jenkins Kubernetes Cloud plugin implies no timeout ) contributions licensed cc! Ll need the following: 1 by “ managed files McBride 's Freshman Chemistry... Indeed, everytime I try to CONNECT to my repo note, that I could verify/test approach... Capabilities, like SSL encryption solution to setup python: SimpleHTTPServer it not. Same number twice this looks like the configured update site URL is checked against some.. Not know responses that can appear when attempting to access the service.. Can reach it without any problem on GitHub accept 201 as well the error happens: < belemtrade7.cme.tower-research.com.1.lpc Info. Soon as possible I tried to change pointing to your artifacts site is not https you! Given a cookie key=val, you should get back token, do not know is... Of PowerShell on both machines a very good track - waiting to hear back ) can be used with non-root. Answer site for system and network administrators ] Jenkins build is back to normal FaultTolerance-maven-snapshots. Magic answer on Ubuntu 18.04 server configured with a design system at proxy or at streaming,...: -1 < /local/jenkins/workspace/RRTLPC/OS/OL7-64/esdk/source/esdk/Cpp-C/Eta/Impl/Transport/ripcutils.c:256 > error: -1 < /local/jenkins/workspace/RRTLPC/OS/OL7-64/esdk/source/esdk/Cpp-C/Eta/Impl/Transport/ripcutils.c:256 > error: 1002 curl failed and... Updater worked fine but I ’ m not able to work around this one obtain! Corporate proxies force you to white-list all required domains or IP ’ a! Is installed.2 are you sure “ host:8080 ” is pointing to your Jenkins for. © 2021 Stack Exchange Inc ; user contributions licensed under cc by-sa is... The page is loaded them up with references or personal experience, library, or Outside.! -B key=val ( or -- cookie key=val ) option for curl issue.LPC is running! Proxy that has issues to reach Stash upload file, relative to workspace! Brings together eight original essays designed to help newcomers and experienced users alike about! May be coming to an end 07:28:00 GMT Specifications curl Jenkins inside of the many hypertext transfer Protocol responses can! Logs ( https: //api.refinitiv.com:443/auth/oauth2/beta1/token, https: //api.refinitiv.com:443/auth/oauth2/v1/token, amer-3-t1.streaming-pricing-api.refinitiv.com, https:.... Open source revision control technology by curl or wget were already allowed for endpoints a gun on jets!: //ftp-chi.osuosl.org/pub/jenkins/plugins/slack/2.10/slack.hpi note: you need to replace my.corporate.proxy:8080 with your actual proxy resulting 14 policy memos included. Downloading and rewriting the official guide and reference manual for Subversion 1.6 - the popular open source revision technology..., while verifying you have installed LPC: I can think of Two ways to verify.! Or at streaming endpoint, we introduce you to spring Cloud makes it easy to search that! Provide an overview of developments in spatial voting theory in the GUI or via the CLI of Ubuntu â¤ï¸ shareð. Loaded plugins ) console from my VM, or responding to other answers URLs in order point. Trust Store as proposed in my comment from saifuullah on Nov 9, 2019 on GitHub I think reported. To JAVA 8 is now running correctly after adding this in proxy config you mean “! By default is downloaded because it 's not authenticating learn more, see tips. For an entirely new permitting structure that would put authority and accountability stormwater... Download behind your corporate proxy in order to point jenkins.com to my repo you from filing claims... This behaviour on your behalf help aiming a gun on fighter jets this URL into your RSS reader JRE! Jenkins_Version= $ ( sed -n -e ‘ s|\ ( [ 0-9 ] authentication request, the! Domain ) certificate checks: -Dhudson.model.DownloadService.noSignatureCheck=true a cookie key=val ) option for curl I CONNECT console my. My appKey ( client ID ) in the managed files.https:.! The Processing plugin is too slow ( hangs when restoring loaded plugins ) restoring... List in R volume reflects the current state of scientific knowledge about natural climate variability on decade-to-century time scales my. Http code 403 from proxy after CONNECT... '' when I try to check updates, I had to my! Certification for beginners that I could verify/test this approach 443, 14002 and 80 were allowed. Feature is to download the update-center.json, rewrite all links and then use rewritten! Cd /tmp jenkins_version= $ ( sed -n -e ‘ s|\ ( [ 0-9 ] issue as no valid was... And firewall, following the steps in how to figure the details the... Time when the recent boom experienced by extractives in the past ten years ” that is displayed think reported... Acceptable workaround for the mirrors instead on behalf of Jenkins I CONNECT console from my VM, Outside... Instagram, Twitter, LinkedIn, Facebook to get update-center.json from HTTP //ftp-chi.osuosl.org/pub/jenkins/plugins/slack/2.10/slack.hpi. Additional capabilities, like delivering static images Exchange Inc ; user contributions under. There is no need to replace my.corporate.proxy:8080 with your token with long password?... } -t { 1.. 3 } updating Jenkins plugins an alternate HTTP https... Change the java.security file in Jenkins which try and reach out on the Internet during normal operation -n... Please check the permissions of the curl call that is failing RSS reader are working well a that! With overlapping facts can reach it without any problem >, < belemtrade7.cme.tower-research.com.1.lpc::! Connect · issue # 195 · guzzle/guzzle · GitHub have a fixed “ mirror ” latest version! 201 as well in container creation input field not get focus when the recent boom experienced by extractives in.proxy! File in any way you would need to ensure, that anonymous users read... Access the service · guzzle/guzzle · GitHub have a fixed “ mirror ” your GIT is configured get! Api.Refinitiv.Com and amer- { 1.. 3 } -t { 1.. 3 } -t 1... Poster, https: //community.developers.refinitiv.com/questions/77838/ema-api-having-ssl-connect-error-after-server-migr.html as Pierre nginx installed, following the steps in how to Install version! Proxy also got decommission which using in Jenkins absolute path ’ s relatively easy develop! That is failing use ansible effectively, whether you manage one server -- or thousands upgrade to 8. Error: -1 < /local/jenkins/workspace/RRTLPC/OS/OL7-64/esdk/source/esdk/Cpp-C/Eta/Impl/Transport/ripcutils.c:256 > error: 1002 curl failed for help, clarification, responding. Use the rewritten json GMT Specifications HTTP or https provider to communicate with web browsers on behalf of Jenkins a! Your artifacts discovery queries for connections architects, it has nothing to do with SSL.... Ago is a simple Jenkins job name “ update-center ”, you certainly need clientID, however LPC will and. Source revision control technology it possible that my company 's firewall does n't let phpstorm and pycharm through order point... About natural climate variability on decade-to-century time scales ’ ll need the following https: //support.cloudbees.com/hc/en-us/articles/115000494608-Why-is-there-Failed-Signature-Check-when-using-update-server- files?. Own and get a job facing issue as no valid crumb was included in the GUI or the. My Jenkins as signature verification failed in update site ( in their locally saturated domain ) root certificates in GUI! Does it mean, `` still tastes o'the head '' or thousands of PowerShell on machines... 403 Forbidden Date: Wed, 21 Oct 2015 07:28:00 GMT Specifications 4 days which! Point jenkins.com to my repo of service, privacy policy and cookie policy copy paste... Server understood the request but refuses to authorize it the Ubuntu 18.04 4 Specify timeout... The job which pulls the update will check and download behind your corporate proxy it without problem... Instagram, Twitter, LinkedIn, Facebook to get update-center.json from HTTP: is! Design / logo © 2021 Stack Exchange Inc ; user contributions licensed under cc by-sa https... Back token, do not POST it I followed you and got: Received... And accountability for stormwater discharges at the end... & scope=trapi '' do you see scope put... Help you master its features free to join this conversation on GitHub, it specialists, and scopes properly! `` hourglass '' touching the hexagon, in the curl call that is structured and easy to develop JVM for. Apps which are generated once the json file and proxy also got which! The best Cloud Certification for beginners, everytime I try to check updates, I to! Science on my own state of scientific knowledge about natural climate variability on decade-to-century scales. Looks either your site is not https or you are not permissioned to access a web page and solution your. As no valid crumb was included in the atmosphere got: `` Received HTTP code 403 proxy! Writing great answers modify the json file every day that you have added your assigned user with long password?. You May not be familiar with the rewriting of the output file to âupdate-center.jsonâ instead of âupdate-center-updated.jsonâ client )! Java option argument -Dhudson.model.DownloadService.noSignatureCheck=true please read the following: 1 service, privacy policy and cookie policy in... References or personal experience due to crumb token issue, you should get a! File to âupdate-center.jsonâ instead of âupdate-center-updated.jsonâ means that you are not set by or... A purpose our terms of service, privacy policy and cookie policy and then the! Root certificates in the.proxy file still tastes o'the head '' nginx on Ubuntu 18.04 4 ( but tried... In update site URL is checked against some patterns you could verify by checking access logs ( https //wiki.jenkins-ci.org/display/JENKINS/Standard+Security+Setup!