asciidoctor / asciidoctor-intellij-plugin

AsciiDoc plugin for products on the IntelliJ platform (IDEA, RubyMine, etc)
https://intellij-asciidoc-plugin.ahus1.de/
Apache License 2.0

Plugin doesn't use system trust store #1153

Open micwron opened 2 years ago

micwron commented 2 years ago

Hi, I'm using IntelliJ IDEA 2022.2.1 UE and AsciiDoc plugin 0.37.45. I have my own instance of a Kroki server, available through HTTPS with a self-signed certificate. The root CA cert is added to the Windows trusted root CA store.

With "kroki-fetch-diagram: true" in antora-playbook.yml I'm getting the following error when trying to preview an AsciiDoc page with a PlantUML diagram inside:

org.jruby.exceptions.StandardError: (SSLError) asciidoctor: FAILED: C:\repos\myrepo\docs\modules\ROOT\pages\mypage.adoc: Failed to load AsciiDoc document - certificate verify failed

For the AsciiDoc plugin to work correctly, I have to either change "kroki-fetch-diagram" to false or add the root CA to the IntelliJ JRE's cacerts file. I'd expect the AsciiDoc plugin to use the system trust store.

FWiesner commented 2 years ago

Same problem here. But I'd like to propose the alternative approach of using IntelliJ's own CA/server certificate management.

ahus1 commented 2 years ago

I'm lacking knowledge on how to convince JRuby to use the system's CA store for this, therefore I add the "help-wanted" label to this issue.

Another option that might work (feel free to call it workaround):

I assume the kroki-fetch-diagram has been set to avoid calling the Kroki server when serving the final page, and instead store the file at build time with the Antora site.

There is the possibility of the .asciidoctorconfig file that allows users to configure settings that are only used to configure the preview, which could then override the value to something that works with the preview.

Please give the following steps a try:

This should enable the preview to use an image URL with the encoded diagram. I hope that this would use the system's CA store (haven't tried it as I'm lacking such a setup).

Please let me know if this second option works for you. I'll then add both options to the documentation.

In addition, I'll leave this issue open for a volunteer to pick it up to connect the JRuby mechanism to JetBrains' certificate management, which has been extended to also use the system's certificates, or to connect the JRuby mechanism to use system certificates.

micwron commented 2 years ago

The trick with .asciidoctorconfig works.

Another simple workaround that works for me is to remove kroki-fetch-diagram from antora-playbook.yml and pass it to antora through command line: antora --attribute kroki-fetch-diagram=true

ahus1 commented 1 year ago

There is now a pull request #1313
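
The "certificate verify failed" error reported at the top of this thread comes down to which trust anchors the Ruby runtime's certificate store holds. The following added example (not code from the plugin or from any participant in this thread) reproduces that with Ruby's standard openssl library: a constructed private root CA and a server certificate for a hypothetical host `kroki.internal.example` fail verification against the runtime's default store and pass once the root is added explicitly. All names and certificates are constructed sample data, and how JRuby inside the plugin populates its default store is not shown here.

```ruby
require "openssl"

# Build a certificate; self-signed when no issuer is given (constructed sample data).
def make_cert(subject, key, issuer: nil, issuer_key: nil, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = rand(1..2**32)
  cert.subject = OpenSSL::X509::Name.parse(subject)
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer || cert
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  cert
end

# Private root CA plus a server certificate for a hypothetical Kroki host.
def sample_pki
  root_key = OpenSSL::PKey::RSA.new(2048)
  root = make_cert("/CN=Example Private Root CA", root_key, ca: true)
  leaf_key = OpenSSL::PKey::RSA.new(2048)
  leaf = make_cert("/CN=kroki.internal.example", leaf_key, issuer: root, issuer_key: root_key)
  [root, leaf]
end

# Verify `leaf` against the runtime's default trust anchors plus `extra_roots`.
# Returns [ok, error_string]. Chain validation only; hostname matching is separate.
def verify_with_store(leaf, extra_roots = [])
  store = OpenSSL::X509::Store.new
  store.set_default_paths # the CA bundle this Ruby runtime is configured to use
  extra_roots.each { |ca| store.add_cert(ca) }
  ok = store.verify(leaf)
  [ok, store.error_string]
end

if __FILE__ == $PROGRAM_NAME
  root, leaf = sample_pki
  p verify_with_store(leaf)         # private root unknown to the default store
  p verify_with_store(leaf, [root]) # private root added as a trust anchor
end
```

Adding the private root to one store leaves every other trust decision unchanged, unlike disabling verification.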