Created
May 7, 2019 15:09
-
-
Save reitzig/118b6cd60e7a95c5a6cc036268140562 to your computer and use it in GitHub Desktop.
Add custom root authority to Gradle, e.g. to access internal Maven repos with self-signed certificates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Following https://discuss.gradle.org/t/gradle-with-self-signed-certificate/23036/9 | |
# Script assumes it's located in a subdirectory one level below the project root. | |
set -ue | |
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" | |
cacerts_pwd="changeit" # JDK default | |
gradle_props="${DIR}/../gradle.properties" | |
registry_host="your.host" | |
registry_cert="${DIR}/your-chain.crt" | |
# Add custom certificate chain to Java defaults | |
cp "${JAVA_HOME}/lib/security/cacerts" "${DIR}/" | |
keytool -import -alias "${registry_host}" -file "${registry_cert}" -keystore "${DIR}/cacerts" \ | |
-storepass "${cacerts_pwd}" -noprompt | |
# Tell Gradle to use the custom keystore | |
if [[ -f "${gradle_props}" ]]; then | |
sed -i '/-Djavax.net.ssl.trustStore/d' "${gradle_props}" | |
fi | |
echo -e "\norg.gradle.jvmargs=-Djavax.net.ssl.trustStore=\"${DIR}/cacerts\" -Djavax.net.ssl.trustStorePassword=\"${cacerts_pwd}\"" \ | |
>> "${gradle_props}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note: This won't necessarily work with every conceivable
gradle.properties
, in particular if you useorg.gradle.jvmargs
for anything else.