Building Java TrustStores with Gradle
Groovy Java Shell
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.settings
.travis
gradle
scripts
src
.gitattributes
.gitignore
.mailmap
.project
.travis.yml
CHANGES.md
LICENSE.txt
README.md
appveyor.yml
build.gradle
gradlew
gradlew.bat

README.md

Build your Java TrustStore with Gradle

This Gradle plugin can build a Java TrustStore from existing certificates. The generated TrustStore uses the JKS format as the database format for the certificates. Additionally, the certificates are checked for validity.

For example, DST Root CA X3 expires on September 30, 2021. So when this date draws near in relation to the system's local date, something like this happens:

cmd> # Windows, with the locale set to de_DE:

cmd> date /T
10.07.2021

cmd> gradlew.bat build
:assemble UP-TO-DATE
:buildTrustStore UP-TO-DATE
:checkCertificates FAILED

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':checkCertificates'.
> Certificate is already or becomes invalid within the next 90 days:
D:\truststorebuilder-gradle-plugin-demo\src\main\certs\Let's Encrypt\dstrootx3.pem

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.

BUILD FAILED

Total time: 4.62 secs

Status

Gradle plugin JCenter artifact License
Linux Build Status Windows Build Status Groovydoc Javadoc
SonarQube Tests Sonargraph by hello2morrow Sonargraph report
Codecov Test coverage by codecov.io

Configuration

The plugin registers an extension trustStoreBuilder which allows to configure the following settings:

Setting Description Default Type
password The password used for the TrustStore. changeit String
trustStore The file of the TrustStore to build. $buildDir/cacerts.jks Object*
inputDir The directory which is scanned for certificates. $projectDir/src/main/certs Object*
acceptedFileEndings A file being processed as a certificate has to have a file ending from this list. ['crt', 'cer', 'pem'] List<String>
atLeastValidDays Number of days the certificates have to be at least valid. 90 int

* Anything, that can be handled by project.file(...).

Example

A demonstration of this plugin can be found in this repository.

Development

I'm using Eclipse Neon with the plugin GroovyEclipse. This project requires the Groovy Compiler 2.4 Feature.