Normally, a truststore password in java is only necessary if one wants to validate that the truststore isn’t corrupted. However, there is a bug in apache httpclient (https://issues.apache.org/jira/browse/HTTPCLIENT-1320), where they set the password explicitly to the empty string if we omit it, instead of keeping it at null. The empty string is most likely the wrong password, so that the user is forced to find the truststore password and to enter it. The bug has been fixed in 4.2.4, 4.3 Beta1, so can we simply upgrade gradle to depend on the newer version?
justinuang (Justin Uang) #1
mark_vieira (Mark Vieira) #2
HttpClient library has been updated to 4.4.1 as of Gradle 2.11. Can you confirm if this is still an issue?