2.11-rc-1 with https and wildcard certificate, uploadArchives

Hi, while this bug GRADLE-3250 has been fixed in the new version 2.11-rc-1, the almost exact same bug but on uploading artifact to a remote maven repo on a https + wildcard certificates remains.
Probably this bug was not here in the older versions of gradlle (example 2.2.1) because of the old Http client was not checking certificates at upload, now apparently it does, and so my upload artifact does not work anymore:

Could not publish configuration 'archives’
Failed to deploy artifacts: Could not transfer artifact com.myartifact.myversion from/to remote (https://maven.myremotemaven): Certificate for <maven.myMavenCertificate> doesn’t match any of the subject alternative names: [other certificate]

@stonesong is the Maven repository you are uploading to using SNI or simply a single wildcard certificate? Also, I assume you are using the ‘maven’ plugin and not the ‘maven-publish’ plugin?

@mark_vieira yes the maven repository is hosted on a server using SNI and wildcard certificate.
Also yes I use the maven plugin and not maven-publish plugin

So you are saying with 2.2.1 this worked when publishing? Are you able to resolve dependencies using HTTPS from this server using 2.11? How about with 2.2.1?

Exactly, with 2.2.1 I can upload an archives to the repo with authentication, but could not download dependency due to the GRADLE-3250 bug. With 2.11 I can now download the dependencies but can not upload an archives.

The uploadArchives task or the repository configuration for dependencies in build.gradle don’t change.

With version 2.10 for exemple I can not download dependency nor upload artifact.

My guess is this likely broke in Gradle 2.5 with our upgrade to the Maven 3 libraries. The ‘maven’ plugin uses the Maven Wagon HTTP implementation so it has it’s own set of rules. You can potentially configure it via system properties to skip cert validation: https://maven.apache.org/wagon/wagon-providers/wagon-http/index.html.

I’d suggest you try also with the ‘maven-publish’ plugin. That will for sure use the new HttpClient which supports SNI.

1 Like

Thank you @mark_vieira I’ll come back with feedbacks :slightly_smiling:

@mark_vieira I did not try yet with the properties, but indeed I can have a clean publish using the new maven-publish so everything is fine now :slightly_smiling:

thanks !