Skip to main content

Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Eclipse Platform » Proxy / SSL problems with update sites
Proxy / SSL problems with update sites [message #1741857] Tue, 30 August 2016 08:16 Go to next message
István Mészáros is currently offline István MészárosFriend
Messages: 51
Registered: October 2009
Hello all,

our team is behind a company proxy which fakes SSL certificates to intercept HTTPS traffic.

If i configure the eclipse network settings to use the proxy server, i can properly reach the internet, use the embedded browser, GIT, update sites, etc.

The problem is that some update sites use HTTPS, and in that case eclipse refuses the connection with the following error:

Unable to read repository at http://.........../content.xml. PKIX path building failed: unable to find valid certification path to requested target

My guess that the problem is that the JVM that runs eclipse does not use the system CERT store that has the root certificate issued by the proxy.

I tried to export the certificate from the system CERT story to import it to the JVM CERT store, but exporting the private key is forbidden, and my guess is that i'd need that.

Is there a possibility to tell the JVM or Eclipse to ignore all certificate validation errors? I know it's not safe and not recommended, but currently i don't have any other idea how to overcome this problem.
Re: Proxy / SSL problems with update sites [message #1815046 is a reply to message #1741857] Tue, 24 September 2019 17:40 Go to previous messageGo to next message
Ian Colenutt is currently offline Ian ColenuttFriend
Messages: 1
Registered: September 2019
Junior Member
Hi did you ever get a solution for this? I have the exact same errors downloading packages via the eclipse marketplace.

Re: Proxy / SSL problems with update sites [message #1815193 is a reply to message #1815046] Fri, 27 September 2019 03:56 Go to previous message
Ed Merks is currently offline Ed MerksFriend
Messages: 32823
Registered: July 2009
Senior Member
It's like this problem:

I believe the only solution is to import the root certificate into your Java implementation as described there.

Another simpler approach is that often a newer version of Java will have a broader range of root certificates already installed.

Ed Merks
Professional Support:
Previous Topic:"split-window" commands in Emacs+ no longer work in 2019-09
Next Topic:Need help building the eclipse platform runtime (platform.ui, .ua)
Goto Forum:

Current Time: Fri Jun 02 23:21:57 GMT 2023

Powered by FUDForum. Page generated in 0.02057 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top