Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » Eclipse Platform » Proxy / SSL problems with update sites
Proxy / SSL problems with update sites [message #1741857] Tue, 30 August 2016 04:16 Go to next message
Eclipse UserFriend
Hello all,

our team is behind a company proxy which fakes SSL certificates to intercept HTTPS traffic.

If i configure the eclipse network settings to use the proxy server, i can properly reach the internet, use the embedded browser, GIT, update sites, etc.

The problem is that some update sites use HTTPS, and in that case eclipse refuses the connection with the following error:

Unable to read repository at http://.........../content.xml.
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


My guess that the problem is that the JVM that runs eclipse does not use the system CERT store that has the root certificate issued by the proxy.

I tried to export the certificate from the system CERT story to import it to the JVM CERT store, but exporting the private key is forbidden, and my guess is that i'd need that.

Is there a possibility to tell the JVM or Eclipse to ignore all certificate validation errors? I know it's not safe and not recommended, but currently i don't have any other idea how to overcome this problem.
Re: Proxy / SSL problems with update sites [message #1815046 is a reply to message #1741857] Tue, 24 September 2019 13:40 Go to previous messageGo to next message
Eclipse UserFriend
Hi did you ever get a solution for this? I have the exact same errors downloading packages via the eclipse marketplace.

Thanks
Re: Proxy / SSL problems with update sites [message #1815193 is a reply to message #1815046] Thu, 26 September 2019 23:56 Go to previous message
Eclipse UserFriend
It's like this problem:

https://stackoverflow.com/questions/21076179/pkix-path-building-failed-and-unable-to-find-valid-certification-path-to-requ

I believe the only solution is to import the root certificate into your Java implementation as described there.

Another simpler approach is that often a newer version of Java will have a broader range of root certificates already installed.
Previous Topic:"split-window" commands in Emacs+ no longer work in 2019-09
Next Topic:Need help building the eclipse platform runtime (platform.ui, .ua)
Goto Forum:
  


Current Time: Thu May 15 18:55:11 EDT 2025

Powered by FUDForum. Page generated in 0.05379 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly