I develop and distribute plugins.
I confirmed that there was a problem in plugin when installing the plugin in Eclipse.
problem detail : PKIX path building failed. sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested targe
The detailed situation is as follows.
1 Years Ago, I applied ssl certificate to updatesite.
The certificate has expired and the certificate has been replaced.
The update site can be accessed from browsers (Chrome, Safari, etc.) and it has been confirmed that the certificate is valid.
But when I enter the url in Eclipse > Help > Install New Software I get a PKIX error.
So, when I checked, I found that the Fingerprint of Hostname displayed in Eclipse > Preferences > General > Network Connections > SSH2 > Known hosts was different.
So, even if I delete the corresponding value and apply it, the previous information is loaded again.
So it looked like the jvm was still loading.
To solve it, you can enter the following command when running it in Eclipse.
-Djavax.net.ssl.trustStore='certification path'
However, this is only a workaround for users, you cannot use this workaround as a distributor.
What settings should I make on the server?
For reference, it worked fine when applying the SSL certificate for the first time, but it didn't work after replacing it. Also, fortunately, thanks to backing up the previous certificate, the plug-in download from the update site works well after restoring it. (About 1 month left until the previous certificate)
Related
I have the following configuration:
MacOS 11.0.1 (MacOS firewall is off)
Android Studio 4.1.2
Android Gradle plugin version 4.1.1
Gradle version 6.5
Java jdk version 1.8.0_251
Gradle build started to report an error in all my projects, so I guess it's not related to a specific project config (build.gradle etc.).
The same projects are building and working normally on the same Android Studio, Gradle and JDK versions on Windows.
Steps I already tried but didn't help:
Rebuild project
Invalidate caches / restart
Reinstall Android Studio from scratch, followed instructions for complete uninstall (How to completely uninstall Android Studio on Mac?)
A clean install of freshly downloaded Android Studio from https://developer.android.com/studio
Make a clean install using JetBrains Toolbox
Manually add certificates (downloaded from browser) to both Android Studio (Preferences/Tools/Server certificates) and Java keystore
Install Android Studio 4.2 beta 5
Install a newer version of JDK (1.8.0_281)
Error details:
Gradle sync failed: Cause: unable to find valid certification path to requested target
FAILURE: Build failed with an exception.
* What went wrong:
A problem occurred configuring root project 'name-of-the-project'.
> Could not resolve all artifacts for configuration ':classpath'.
> Could not resolve com.android.tools.build:gradle:4.1.1.
Required by:
project :
> Could not resolve com.android.tools.build:gradle:4.1.1.
> Could not get resource 'https://dl.google.com/dl/android/maven2/com/android/tools/build/gradle/4.1.1/gradle-4.1.1.pom'.
> Could not GET 'https://dl.google.com/dl/android/maven2/com/android/tools/build/gradle/4.1.1/gradle-4.1.1.pom'.
> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
> Could not resolve com.google.gms:google-services:4.3.4.
Required by:
project :
> Could not resolve com.google.gms:google-services:4.3.4.
> Could not get resource 'https://dl.google.com/dl/android/maven2/com/google/gms/google-services/4.3.4/google-services-4.3.4.pom'.
> Could not GET 'https://dl.google.com/dl/android/maven2/com/google/gms/google-services/4.3.4/google-services-4.3.4.pom'.
> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
> Could not resolve com.google.firebase:firebase-crashlytics-gradle:2.4.1.
Required by:
project :
> Could not resolve com.google.firebase:firebase-crashlytics-gradle:2.4.1.
> Could not get resource 'https://dl.google.com/dl/android/maven2/com/google/firebase/firebase-crashlytics-gradle/2.4.1/firebase-crashlytics-gradle-2.4.1.pom'.
> Could not GET 'https://dl.google.com/dl/android/maven2/com/google/firebase/firebase-crashlytics-gradle/2.4.1/firebase-crashlytics-gradle-2.4.1.pom'.
> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
It seems like it is a network problem, but I tried to use different connection solutions with different providers, with and without VPN.
All mentioned files are accessible and I can download them from terminal using wget
wget https://dl.google.com/dl/android/maven2/com/google/gms/google-services/4.3.4/google-services-4.3.4.pom
--2021-03-04 12:42:32-- https://dl.google.com/dl/android/maven2/com/google/gms/google-services/4.3.4/google-services-4.3.4.pom
Resolving dl.google.com (dl.google.com)... 216.58.214.206
Connecting to dl.google.com (dl.google.com)|216.58.214.206|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1576 (1,5K) [application/octet-stream]
Saving to: ‘google-services-4.3.4.pom.1’
google-services-4.3.4.pom.1 100%[=====================================================================================>] 1,54K --.-KB/s in 0s
2021-03-04 12:42:32 (11,3 MB/s) - ‘google-services-4.3.4.pom.1’ saved [1576/1576]
I've been stuck with the exact same bug for several days, and like you I tried pretty much everything.
Finally I noticed something in Android Studio. I went to the Http Proxy preference tab and I saw a message saying
You have JVM property "https.proxyHost" set to "localhost"....
I tried to override this value by putting the line :
systemProp.https.proxyHost=
In my project gradle.properties file and tadaaa ! It works, I don't really understand what happened though...
Hoping to be helpful ;)
After additional research... for some reason, MacOS network proxy settings were changed and that was the reason for the warning Android Studio made:
You have JVM property "https.proxyHost" set to "localhost"....
To fix this, go to
System Preferences / Network / Advanced (for network you are using) / Proxy
and unselect Web Proxy and Secure Web Proxy
There another possible reason for not getting a valid certificate path. The various plugins you use in your gradle build are not necessarily using the trust store that contains the certificates to validate the authenticity of the certificate in question. In my case, I could communicate with a given server using a browser with no certificate validating errors, but I couldn't do the same using the "maven-publish" plugin. Why, because they are using different trust stores for certificate validation. The "maven-publish" uses the trust store that java has been configured to use. The default location is in directory $JAVA_HOME/jre/lib/security. The browser is using your OS trust store. The java trust store can be changed using the system properties:
javax.net.ssl.trustStore,
javax.net.ssl.trustStorePassword
javax.net.ssl.trustStoreType
You can set them in the gradle.properties file using this format:
systemProp.javax.net.ssl.trustStore={path to your truststore}
You can also set them in you build.gradle.kts script using this format:
System.setProperty("javax.net.ssl.trustStorePassword", "{your truststore password")
I am using Eclipse Neon 6.4.3 and i am trying to deploy my project to App Engine using the Google Cloud Platform plugin for Eclipse. https://cloud.google.com/eclipse/docs/quickstart
Until the 1st of April i could deploy projects using this plugin. But after that date, i get the following error:
Failed to retrieve projects; An error occurred while retrieving projects:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuiderException: unable to find valid certification path to requested target.
Reason: Failed to retrieve projects.
Details: Failed to retrieve projects
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
After I press OK, I get the same message again. Then I get the "Deploy to App Engine Standard" menu with my account but my project list is blank.
I am working in a company that uses proxies and it's doing a SSL Inspection. I imported these 2 certificates used for SSL Inspection in my Eclipse cacerts file but i get the same error. These two certificates are issued by our internal certificate authority.
I wanted to add this as a comment, but still don't have enough points:
Are you using maven or appcfg? Have you tried using appcfg with --proxy argument?
From Deploying a Java app documentation:
If you are using an HTTP proxy, include the --proxy argument to tell appcfg its address. If you use a different proxy for HTTPS, then also include the --proxy_https argument.
The current certificate for the URL used to retrieve the projects https://cloudresourcemanager.googleapis.com/ was issued on April 5 2017, this may be the reason for the error. If you open that url and check the certificate you can verify whether it's signing CA is in the truststore you use, or you need to add either the CA or the certificate itself to your truststore.
I'm trying to install Saros (http://www.saros-project.org/) in Eclipse Neon but have repeatedly received the following error details:
An error occurred while collecting items to be installed
session context was:(profile=epp.package.jee, phase=org.eclipse.equinox.internal.p2.engine.phases.Collect, operand=, action=).
Unable to read repository at http://downloads.sourceforge.net/dpp/de.fu_berlin.inf.dpp_14.10.31.jar?use_mirror=dfn.
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Unable to read repository at http://downloads.sourceforge.net/dpp/de.fu_berlin.inf.dpp.core_0.1.0.jar?use_mirror=dfn.
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Unable to read repository at http://downloads.sourceforge.net/dpp/de.fu_berlin.inf.dpp.whiteboard_14.10.31.jar?use_mirror=dfn.
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I've tried all of the solutions I can find, all of which appear to be collectively posted on this page: What to do about Eclipse's "No repository found containing: ..." error messages? but nothing appears to change.
My computer is running MacOS Sierra and my version of Eclipse is Eclipse Java EE IDE for Web Developers Version: Neon.2 Release (4.6.2)
Any other recommendations for what I could try next?
Thank you!
In December 2016, Sourceforge introduced automatic forwarding to HTTPS servers (even if the URLs are entered with HTTP) which used "Let's Encrypt" certificates. Older Java versions (below Java 8u101 and Java 7u111) did not recognize "Let's Encrypt"'s root certificate and this results in said error message (no "valid certification path").
But: As of now, Sourceforge seems to have switched to "GeoTrust" certificates, which should pose no problem, even for older Java versions.
So the first thing to check: Try to install Saros again.
Do you still get certificate errors?
If the problem persists from some reason, you have two options:
Easy way: Install Saros not from the update site, but as a dropin instead of using the update site. There is a How-To on the project website: Instructions for installing Saros as a dropin
Uncertain way: You could try to find out which certificate authority (CA) issued the certificates used by the HTTPS server you get forwarded to. (E.g. type one of the HTTP URLs from the error message into your web browser, wait until you get redirected to an HTTPS URL, and check the certificate information -- usually a green lock icon next to your address bar.) If you have the CA's name, there might be website explaining how to add its root certificate to your Java setup (similar to this one, which gives some hints for the "Let's Encrypt" case).
Update (2017-03-31):
I heard from others that the problem with Sourceforge still persists for them.
As an alternative to installing Saros as a dropin (option 1 above), you can also use our secondary Eclipse update site which is hosted on Heroku: https://get-saros.herokuapp.com/eclipse
I'm trying to connect to all the links in a particular webpage and get the response to see if the link is broken.
Some of the links are SSL that too self-certified.
So, I've followed the procedure of adding the certificate to trust store. After that it worked fine, when I tested the same in Eclipse(it returned OK/200).
But, when I build and run the project using ANT in command line, the same exception appears.
And it is weird that it doesn't happen when I build using the same xml through Eclipse; it simply works!
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
As per my previous comments Java installs a JRE alongside the JDK which in turn also has a JRE installed. Thus if you are not sure which one is used you can try to add the certificate into jre\lib\security\cacerts and jdk1.x.0_xx\jre\lib\security\cacerts.
I am trying to build a project in Android Studio, and Android's default build tool, Gradle, ALWAYS gives me an error when it attempts to build my project. The following is the result of using the "gradlew build" command:
FAILURE: Build failed with an exception.
* What went wrong:
A problem occurred configuring root project 'MyFirstApp'.
> Could not resolve all dependencies for configuration ':classpath'.
> Could not resolve com.android.tools.build:gradle:2.1.3.
Required by:
:MyFirstApp:unspecified
> Could not resolve com.android.tools.build:gradle:2.1.3.
> Could not get resource 'https://jcenter.bintray.com/com/android/tools/build/
gradle/2.1.3/gradle-2.1.3.pom'.
> Could not GET 'https://jcenter.bintray.com/com/android/tools/build/gradle
/2.1.3/gradle-2.1.3.pom'.
> jcenter.bintray.com:443 failed to respond
I have tried using an http proxy, vpn, turning off my firewall, deleting the cache in the .gradle foler, and even completely reinstalling Android Studio, but nothing seems to be working.
I am new to Android development, so any information is appreciated!
Here is the error when the proxy is implemented:
FAILURE: Build failed with an exception.
* What went wrong:
A problem occurred configuring root project 'MyFirstApp'.
> Could not resolve all dependencies for configuration ':classpath'.
> Could not resolve com.android.tools.build:gradle:2.1.3.
Required by:
:MyFirstApp:unspecified
> Could not resolve com.android.tools.build:gradle:2.1.3.
> Could not get resource 'https://jcenter.bintray.com/com/android/tools/build/
gradle/2.1.3/gradle-2.1.3.pom'.
> Could not GET 'https://jcenter.bintray.com/com/android/tools/build/gradle
/2.1.3/gradle-2.1.3.pom'.
> Remote host closed connection during handshake
I was able to add the HTTPS certificate to the keystore for jcenter.bintray.com, but now I am getting a JVM error whenever I start android studio:
Android Studio JVM Error
I have checked my environment variables, tried changing them, and the error persists. My java environment variables are set as follows:
User Variables:
PATH: %JAVA_HOME%\bin
JAVA_HOME: C:\Program Files\Java\jdk1.8.0_101
System Variables:
CLASSPATH: C:\Program Files\Java\jre1.8.0_101
JAVA_HOME: C:\Program Files\Java\jdk1.8.0_101\bin
EDIT:
After setting my Java home path in the gradle.properties file, I am now getting a different error when I attempt to build my project.
Downloading https://services.gradle.org/distributions/gradle-2.14.1-all.zip
Exception in thread "main" java.net.SocketException: Software caused connection abort: recv failed
EDIT:
I just wanted to let everyone know that I figured it out! Apparently my parents put some insanely powerful parental control software on my computer a few years ago and I forgot it was there. After uninstalling, Android Studio now works flawlessly. The software basically blocked all unknown traffic coming in and out of most of the ports. Anyway, thank you to everyone for the help. I can finally start developing!
Try setting both http and https as shown below
gradlew -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=8080 -Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=8144
EDIT1 :
Gradle is trying to download jars from https repo "https://jcenter.bintray.com" but java does not have client certificates. Follow below steps to import client certificates
Step 1 : Download Client Certificate
a) Open https://jcenter.bintray.com URL in the browser (i.e firefox)
b) Click on the lock icon right to the URL bar
c) Server URL is shown , click to get right arrow and then on "more information"
d) Pop-up is opened to view the certificate of the Server.
e) click on the "View Certificate", In "details" table export to a file CERT_FILE_NAME.crt
Step 2 : Import the client certificate to JDK which Gradle is using
keytool -import -noprompt -trustcacerts -alias "clojars.org" -file C:\CERT_FILE_NAME.crt -keystore C:\java\jre\lib\security\cacerts -storepass "changeit"
If you behind a proxy, you must set proxy for Gradle separately because Gradle doesn't use AndroidStudio's proxy settings:
open gradle.properties and add the following lines, change ip addr to your proxy's ip.
systemProp.http.proxyHost=127.0.0.1
systemProp.https.proxyPort=7070
systemProp.https.proxyHost=127.0.0.1
systemProp.http.proxyPort=7070
I just wanted to let everyone know that I figured it out! Apparently my parents put some insanely powerful parental control software on my computer a few years ago and I forgot it was there. After uninstalling, Android Studio now works flawlessly. The software basically blocked all unknown traffic coming in and out of most of the ports. Anyway, thank you to everyone for the help. I can finally start developing!
I met this problem because i was in China. i set a wrong proxy for my AndroidStudio.it works when i delete my proxy in config file gradle.properties located in gradle directory.
Hope this can help you!
systemProp.https.proxyPort=10808
systemProp.http.proxyHost=127.0.0.1
systemProp.https.proxyHost=127.0.0.1
systemProp.http.proxyPort=10808
Comment or delete above lines!
Other than adding the certificate of https://jcenter.bintray.com/ to your key store, can you also check if there is a parent certificate for https://jcenter.bintray.com/. If so, you may need to add that certificate as well in the keystore.