Gradle Ignores SSL Settings and Proxy


(Marc) #1

Using gradle (gradlew) behind a proxy has been a nightmare so far. Gradle is unable to download anything via https (i,e, itself and any plugins).

Windows 10 - gradle 4.1

Error Message:

Connection timed out: connect

DEBUG/STACKTRACE:
Exception in thread “main” javax.net.ssl.SSLHandshakeException: sun.security.val
idator.ValidatorException: PKIX path building failed: sun.security.provider.cert
path.SunCertPathBuilderException: unable to find valid certification path to req
uested targe

But, even without a proxy we are having issues. It seems no matter what we do gradle ignores our settings.

We eventually fired up Fiddler on localhost port 8888 to try see what was happening but we cannot get gradle to use it.

What we’ve tried:

  1. Setting the following in gradle-wrapper.properties (and in User directory .gradle\gradle.properties
    systemProp.http.proxyHost=localhost
    systemProp.http.proxyPort=8888
    systemProp.http.nonProxyHosts=*.nonproxyrepos.com|localhost

systemProp.https.proxyHost=localhost
systemProp.https.proxyPort=8888
systemProp.https.nonProxyHosts=*.nonproxyrepos.com|localhost

  1. Setting the following in gradlew.bat
    set DEFAULT_JVM_OPTS=-Dhttp.proxyHost=localhost -Dhttp.proxyPort=8888

To no avail: gradle does not go via the Fiddler proxy and we’re very sure Fiddler is not the issue.

When we look at the URLs which gradle is trying to download - and getting SSL problems we have no problem downloading them in our browser and in firefox. So it’s unclear what the issue is.

We’ve tried:
set DEFAULT_JVM_OPTS=-Dcom.sun.net.ssl.checkRevocation=false -Dtrust_all_cert=true

Makes no difference at all to the errors.


(Dimitar Dimitrov) #2

The Gradle Wrapper does not take any of the Gradle properties into account. Regarding the env variable, check and if necessary tweak the gradlew.bat - this has a chance of working.

Kind of related Gradle wrapper in environments that require controlled builds


(Marc) #3

I’m adding the JVM parameters directly to gradlew.bat and it’s having no effect.

If I run “SET DEBUG=1” I see exactly what’s being executed and it’s this:

C:\bcp>"C:\Program Files\Java\jdk1.8.0_121/bin/java.exe" -Dhttps.proxyHost=myproxy -Dhttps.proxyPort=3128 -Djavax.net.ssl.trustStore=c:/prg/cacertsnew "-Dorg.gradle.appname=gradlew" -classpath "C:\bcp\\gradle\wrapper\gradle-wrapper.jar" org.gradle.wrapper.GradleWrapperMain clean --debug

We’re still getting:

FAILURE: Build failed with an exception.                                                            
                                                                                                    
* Where:                                                                                            
Build file 'C:\bcp\build.gradle' line: 11                                                           
                                                                                                    
* What went wrong:                                                                                  
Error resolving plugin [id: 'nu.studer.credentials', version: '1.0.3']                              
> Could not GET 'https://plugins.gradle.org/api/gradle/4.1/plugin/use/nu.studer.credentials/1.0.3'. 
   > Connect to 192.168.1.254:8080 [/192.168.1.254] failed: Connection refused: connect             

Stacktrace:

* Exception is:
org.gradle.api.GradleException: Error resolving plugin [id: 'nu.studer.credentials', version: '1.0.3']
        at org.gradle.plugin.use.internal.DefaultPluginRequestApplicator.resolveToFoundResult(DefaultPluginRequestApplicator.java:260)
        at org.gradle.plugin.use.internal.DefaultPluginRequestApplicator.access$100(DefaultPluginRequestApplicator.java:64)
        at org.gradle.plugin.use.internal.DefaultPluginRequestApplicator$1.transform(DefaultPluginRequestApplicator.java:94)
        at org.gradle.plugin.use.internal.DefaultPluginRequestApplicator$1.transform(DefaultPluginRequestApplicator.java:91)
        at org.gradle.util.CollectionUtils.collect(CollectionUtils.java:201)

When I use exactly the same JVM arguments in a test Java program it can connect successfully to HTTPS sites. So it’s like they are ignored here…


(Marc) #4

Perhaps the key is this “192.168.1.254:8080”.
I have no idea where it’s coming from.