Allow insecure TLS command

Doyin · June 29, 2023, 3:27pm

Hello,

I need support with running a gradle build with an insecure protocol (TLS). Currently running gradle build in my github actions workflow. I’ve passed in the following commands:

gradle clean build -DsystemProp.http.ssl.insecure=true -DsystemProp.http.ssl.allowall=true -DisAllowInsecureProtocol=true

And i get the following errors while running the command:

the server may not support the client's requested TLS protocol versions: (TLSv1.2, TLSv1.3). You may need to configure the client to allow other protocols to be used

Could you please assist with this ?

Vampire · June 29, 2023, 3:45pm

If those system properties would have the intended effect, you at least need to remove the systemProp. prefix.
That prefix is for having those system properties in the gradle.properties file.
With -D... you directly specify system properties.

Doyin · June 29, 2023, 4:31pm

Hey, thanks for responding. I’m new to gradle, so I removed the prefix. It’ll be

gradle clean build -Dhttp.ssl.insecure=true

I used the line above and still got the same error.

Thanks

Vampire · June 29, 2023, 5:07pm

Well, that probably means that the property does not help anyway.
It is also most probably not a Gradle topic at all, but disabled in the Java version you use to run Gradle.
You probably have to adjust its security configuration to allow older insecure protocols.

dancing-goats · June 29, 2023, 5:13pm

To allow for older insecure protocols, do we need to provide org.gradle.allow-insecure-protocol=true to be set in the gradle.properties or elsewhere for a project wide opt-in?

Vampire · June 29, 2023, 6:42pm

As org.gradle.allow-insecure-protocol is not something that exists, no.