SSL Peer Not Authenticated


(Bryan Stopp) #1

This is a follow on to this post: http://forums.gradle.org/gradle/topics/ssl_peer_not_authenticated

I have had my Sys Admin team install a fully qualified cert to our artifactory repository and i’m still receiving an SSL Peer not authenticated error.

I’ve removed any other references to the old wildcard certs, but still get there error. I’ve also verified the cert chain from GoDaddy to one in the cacerts file.

Here’s the error from the logs.

20:47:56.546 [ERROR] [org.gradle.BuildExceptionReporter] Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
20:47:56.547 [ERROR] [org.gradle.BuildExceptionReporter]
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
20:47:56.547 [ERROR] [org.gradle.BuildExceptionReporter]
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)

Why doesn’t gradle reslove certs correctly?

Thoughts? Help?

-Bryan


(Luke Daley) #2

There’s nothing special going on here. Gradle will use the JVM’s trust settings by default. Next thing to do would be to confirm that the cert was correctly installed.


(Vladislav Bauer) #3

Is it possible to disable SSL validation at all? Do you plan to add it?

Maven supports additional parameters to do it: -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true

There is also no mention in documentation how to work with repositories under HTTPS (ex: repositories on Github): http://www.gradle.org/docs/current/userguide/userguide_single.html