search

microsoft / team-explorer-everywhere

Team Explorer Everywhere Plugin for Eclipse
Other
300 stars 96 forks source link

Skip sert validation #306

Closed DdarkSideE closed 5 years ago

DdarkSideE commented 5 years ago

I use team-explorer-everywhere with Azure DevOps plugin for Rider and I got this:

java.lang.RuntimeException: An error occurred: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at com.microsoft.alm.plugin.external.commands.Command.throwIfError(Command.java:423)
    at com.microsoft.alm.plugin.external.commands.CreateWorkspaceCommand.throwIfError(CreateWorkspaceCommand.java:91)
    at com.microsoft.alm.plugin.external.commands.CreateWorkspaceCommand.parseOutput(CreateWorkspaceCommand.java:73)
    at com.microsoft.alm.plugin.external.commands.CreateWorkspaceCommand.parseOutput(CreateWorkspaceCommand.java:22)
    at com.microsoft.alm.plugin.external.commands.Command$1.completed(Command.java:178)
    at com.microsoft.alm.plugin.external.ToolRunner$ListenerProxy.completed(ToolRunner.java:295)
    at com.microsoft.alm.plugin.external.ToolRunner$ProcessWaiter.run(ToolRunner.java:333)

Are there any ways to skip cret validation?

ForNeVeR commented 5 years ago

@DdarkSideE, it would be better to report this issue to the azure-devops-intellij tracker, but anyways I'll try to give you an answer.

By default, any JetBrains IDE will allow you to choose which certificates you trust when any HTTPS connection is made in the IDE settings.

This is not (currently) the case of team-explorer-everywhere: it is an external process that doesn't use the IDE certificate store (there're plans to change that). So, for the TF client to trust your certificate, you'll need to add it to the security store of the JVM you use for it (by default it is a JVM embedded into JetBrains IDE).

Please take a look at this guidance, namely the section "Importing the certificate". Some of the paths are a bit outdated (e.g. there's jbr/lib/security/cacerts now instead of old jre/jre/lib/security/cacerts), but you should be able to follow it.

DdarkSideE commented 5 years ago

I thought it could get certs from win cert store because it's already added. Adding the certificate to cacerts manually helps. Thank you.