Option to ignore SSL certificate errors with VersionEye enterprise

stempler / gradle-versioneye-plugin

Plugin for Gradle to update your project's dependencies status on www.versioneye.com

MIT License

31 stars 5 forks source link

Option to ignore SSL certificate errors with VersionEye enterprise #40

Closed snipem closed 7 years ago

snipem commented 7 years ago

We have a custom signed SSL certificate which will randomly produce SSL exception such as:

Error:Execution failed for task ':versioneye-create'.
> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Is there an option to ignore those errors? Like GIT_SSL_NO_VERIFY in Git.

stempler commented 7 years ago

There currently is no option for that. The Groovy HTTPBuilder that is used here under the hood uses the Apache Http Client. So I guess one would need to create a custom client with specific configuration for ignoring/trusting the certificate. See for instance this Stackoverflow post.

snipem commented 7 years ago

I was able to solve this problem by added the Custom Root CA to the Java keystore of the JDK being used for maven. Should be the same for Gradle. Thanks for your help.