peer not authenticated error when downloading with gradle 2.10

[grote]

When trying to get a jitpack hosted dependency via gradle, I receive this error:

      > Could not resolve com.github.MKergall.osmbonuspack:OSMBonusPack:v5.7.
         > Could not get resource 'https://jitpack.io/com/github/MKergall/osmbonuspack/OSMBonusPack/v5.7/OSMBonusPack-v5.7.pom'.
            > Could not GET 'https://jitpack.io/com/github/MKergall/osmbonuspack/OSMBonusPack/v5.7/OSMBonusPack-v5.7.pom'.
               > peer not authenticated

When adding the parameter -Djavax.net.debug=ssl:handshake to the gradle call, I get this more verbose description of the problem:

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This is on Debian sid and the reason might the that JitPack's SSL certificate coming from COMODO is maybe not trusted by its java installation. Please note that I have verified that my java trust store at /etc/ssl/certs/java/cacerts is not empty. I even rebuilt it running:

sudo /var/lib/dpkg/info/ca-certificates-java.postinst configure

However, wget and browsers validate the certificate just fine. So the error might actually not be with JitPack. I am posting it here anyway since it directly affects your main feature.

[jitpack-io]

Hi @grote

Thank you so much for the detailed analysis! There used to this kind of issue with SNI SSL certificates but jitpack.io is no longer using that so its strange to see it.
What is your environment OS/JDK/Gradle and proxy if any? Tried to get your dependency with gradle and could get it.

[grote]

I can get the dependency just fine with wget and the browser as well, just Java does not validate the certificate. I am using Debian Sid. Java is:

OpenJDK Runtime Environment (IcedTea 2.6.4) (7u95-2.6.4-1)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

I am using Gradle 2.10 and no proxy. The issue seems to also exist with "Arch Linux x86_64 and openjdk 7" as per #424.

[grote]

Using Gradle 2.11 instead of 2.10 indeed solves this issue. Thanks for the idea!

[mvdan]

Oh wow, this has been driving me crazy for the past week. Thanks @grote for saving me once again.

[Ashish-Bansal]

Thanks a lot @grote for the solution!

[mattbillenstein]

Having the same issue in Maven -- does anyone understand what the nature of the fix in Gradle was?

[aandis]

+1
thanks @grote!

[dtracers]

I would like to say that I have the same issue with maven using 3.0.2 on ubuntu. This was fixed by updating to the latest version of maven.

[jitpack-io]

@dtracers Thank you for the information!

[gabteles]

Updating to gradle 2.11 also worked for me! 👍

[Kapil-Yadav]

updating to 2.11 worked for me too , thanks a lot

[jguix]

Got this message building a project on PhoneGap Build. My project uses a Cordova plugin which I developed myself and use in other Cordova projects. The problem only raises in PhoneGap Build.

* What went wrong:
A problem occurred configuring root project 'project'.
> Could not resolve all dependencies for configuration ':_debugCompile'.
   > Could not resolve com.github.50ButtonsEach:fliclib-android:ec1cdc3fbe.
     Required by:
         :project:unspecified
      > Could not GET 'https://jitpack.io/com/github/50ButtonsEach/fliclib-android/ec1cdc3fbe/fliclib-android-ec1cdc3fbe.pom'.
         > peer not authenticated

The plugin that I am uisng in my app is Cordova-Flic:
https://github.com/jguix/Cordova-Flic

[jitpack-io]

Hi @jguix

Which version of Gradle are you using? This issue should have been fixed in 2.10
#514

[jguix]

I'm trying to figure it out. I don't know because it is a cloud build
(PhoneGap Build), out of my control. I asked in their community forums and
I'm waiting for a response.
El 27 may. 2016 12:34 p. m., "JitPack.io" notifications@github.com
escribió:

Hi

Which version of Gradle are you using? This issue should have been fixed
in 2.10
#514 #514

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#423 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AB0GGY-_BCPREeBwUQMgS3_SfDksEgxWks5qFsi_gaJpZM4HVzVc
.

[therajanmaurya]

thanks @grote.

[lkv1988]

change jcenter() to this:
jcenter { url "http://jcenter.bintray.com/" }

this works for me.

[Sovietaced]

change jcenter() to this:
jcenter { url "http://jcenter.bintray.com/" }

this works for me.

Not much of a fix. You're just turning off SSL.

[lkv1988]

change jcenter() to this:
jcenter { url "http://jcenter.bintray.com/" }
this works for me.

Not much of a fix. You're just turning off SSL.

Yes, it's not the right solution.

[ductridev]

I found a solution that worked for me that add this into your gradle.properties.

Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
JAVA_TOOL_OPTIONS=-Dhttps.protocols=TLSv1.2
systemProp.http.proxyHost=fodev.org
systemProp.http.proxyPort=8118
systemProp.http.nonProxyHosts=*.jitpack.io, *.maven.org
systemProp.https.proxyHost=fodev.org
systemProp.https.proxyPort=8118
systemProp.https.nonProxyHosts=*.jitpack.io, *.maven.org