You don’t need to add any of those certificates. The root certificate is from a well-known trusted certificate authority and is already present in the trust stores used by your browser and included in Java’s cacerts. This certificate chain would already be trusted, but your proxy is stepping into the middle and interfering.
You’re saying you have a two certificate chain? Good, that’s what you’re supposed to have. The Gradle cert isn’t really a Gradle certificate. It’s the imposter certificate that your proxy is generating. It’s signed by the proxy certificate above it in the chain. That proxy certificate is the self-signed root certificate you need to be exporting on its own and importing into cacerts. You don’t want a chain here, just the self-signed root certificate for the proxy.
And to clarify, in this context, the root certificate is the self-signed certificate at the top of the chain. There is zero expectation of 3 certificates here. Just the two, the self-signed root for the proxy and the server certificate is it. When you look at different requests in the browser, the server certificate should be different each time, but the proxy self-signed root should be the same.
Earlier in the thread, I was asking you to verify that you only got the self-signed root, not the server certificate. The server certificate is not the one you want. If there’s only 2, you want the top one, not the bottom one.