How can I tell gradle wrapper to trust my artifactory's cert without modifying every machine that uses it or am I pulling through artifactory in the wrong way?
My artifactory uses a self signed cert and my systems are set to trust this. Within a gradle build, access to the artifactory repos works wonderfully for my dependencies but gradlew less so.
To improve build reliability, we added an artifactory simple remote repository for https://services.gradle.org/distributions/gradle-... but see the following when we build:
gradle-wrapper.properties
distributionUrl=https\://artifactory01.megacorp.us/remote-simple-artifactory/distributions/gradle-4.0.2-all.zip
Error
Exception in thread "main" javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
It sure looks like gradlew is treating artifactory as a man-in-the-middle (which in essence it is).
What's the right way to do this?
The error is caused because JAVA that Artifactory runs on does not have root certificate of the remote URL trusted on its trusted root certificate store.
Furthermore, please refer to the following knowledge base article regarding PKIX.
An additional option, in case your URL has a trailing '/' at the end which can lead to a redirect to a secure location of the remote repository