I am getting javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated when Gradle tries to download the following POM: Could not GET 'https://files.boxfuse.com/com/boxfuse/client/boxfuse-gradle-plugin/1.6.1.619/boxfuse-gradle-plugin-1.6.1.619.pom
This is an S3 bucket proxied by Cloudflare using their default SSL config. (they know what they’re doing)
Gradle version:
Gradle 2.4
Build time: 2015-05-05 08:09:24 UTC
Build number: none
Revision: 5c9c3bc20ca1c281ac7972643f1e2d190f2c943c
Groovy: 2.3.10
Ant: Apache Ant™ version 1.9.4 compiled on April 29 2014
JVM: 1.8.0_45 (Oracle Corporation 25.45-b02)
OS: Windows 8.1 6.3 amd64
Neither Maven with exact same JDK installation nor Chrome have any issues. I therefore strongly believe it NOT an issue of adding the certificate to the JDK’s cacerts, but more Gradle attempting to connect with an outdated unsecure protocol (SSLv3?) which is being rejected by Cloudflare.
Repro project: https://github.com/boxfuse/dwunikernel and issue a gradle build -info
There is a high chance this is related to Gradle’s lack of support for SNI: https://issues.gradle.org/browse/GRADLE-3250
Cheers
Axel