My company distributed some self signed certificates through GPO, and I want gradle to trust these certificates as well. How can I achieve this?
I have tried adding the following lines to my gradle.properties :
systemProp.javax.net.ssl.trustStore=C:\\Windows\win.ini
systemProp.javax.net.ssl.trustStoreType=Windows-ROOT
I wonder if this is the correct approach? Because after I added those lines, the exception saying "unable to find valid certification path to requested target" is gone, but somehow I always got a connection reset exception when resolving dependencies. I'm not sure whether this "connection reset" problem is a completely different matter or my truststore configuration is still not quite right.
Thanks.
You could add the certificates to the truststore/keyring of the JDK that is executing your Gradle instance. Usually, the Env var JAVA_HOME points to this JDK, but there are other methods in Gradle to configure it.
In the JDK installation directory, you'll find a default truststore named cacerts in lib/security (jre/lib/security for older Java versions).
There are different tools you can use to modify that truststore. JDK ships bin/keytool by default, but there are also graphical tools with easier usability.
Import your certificates into this truststore and Gradle should accept them for your connections. (See Oracle documentation with examples for keytool)
You can also use the configuration property you already listed systemProp.javax.net.ssl.trustStore=<path> to point to a modified truststore if you don't want to use the one from the JDK installation.