'gradlew.bat (and gradlew) SSLHandShakeException
I'm new to Gradle and was going through this Spring Tutorial found here:
http://spring.io/guides/gs/gradle/
I get to the part where it tells me to add this task:
task wrapper(type: Wrapper) {
gradleVersion = '2.3'
}
I run gradle wrapper which creates the gradlew and gradlew.bat files.
Trying to run both of this I get this exception:
Downloading https://services.gradle.org/distributions/gradle-2.3-bin.zip
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.val
idator.ValidatorException: PKIX path building failed: sun.security.provider.cert
path.SunCertPathBuilderException: unable to find valid certification path to req
uested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.
java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.jav
a:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323
)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1300)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:254)
at org.gradle.wrapper.Download.downloadInternal(Download.java:56)
at org.gradle.wrapper.Download.download(Download.java:42)
at org.gradle.wrapper.Install$1.call(Install.java:57)
at org.gradle.wrapper.Install$1.call(Install.java:44)
at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAcc
essManager.java:65)
at org.gradle.wrapper.Install.createDist(Install.java:44)
at org.gradle.wrapper.WrapperExecutor.execute(WrapperExecutor.java:126)
at org.gradle.wrapper.GradleWrapperMain.main(GradleWrapperMain.java:56)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali
d certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.j
ava:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerIm
pl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustMan
agerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.
java:1323)
... 19 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 25 more
I try to hit the webserver at https://services.gradle.org/distributions/gradle-2.3-bin.zip and I'm not getting any sort of error. I'm I missing some sort of config? Any help would be appreciated. Thanks!
Solution 1:[1]
I experienced the same problem, however my symptoms were that my Ubuntu machine couldn't resolve any SSL hosts unless I specifically added them to Java's certificate authority (cacert) file.
I stumbled upon this Debian bug, and found a fairly straight-forward resolution: remove ca-certificates-java and install it again:
sudo dpkg --purge --force-depends ca-certificates-java
sudo apt-get install ca-certificates-java
I did a ./gradlew clean for good measure, and everything sprung to life again.
Solution 2:[2]
if you could not fix anyway. and if you are inside firewall.
then.
you may can not download https.
should fix that Edit gradle-wrapper.properties file.
vi [project]/gradle/wrapper/gradle-wrapper.properties
#distributionUrl=https\://services.gradle.org/distributions/gradle-2.8-bin.zip
distributionUrl=http\://services.gradle.org/distributions/gradle-2.8-bin.zip
change from https to http...
http://blog.cjred.net/gradlew-bat-and-gradlew-sslhandshakeexception/
After I modified, it says: Server returned HTTP response code: 403 for URL: http://services.gradle.org/distributions/gradle-6.0.1-all.zip
Solution 3:[3]
It seems, that the certificates for the gradle site were messed up. Doing a gradlew clean should fix this. See this thread on the Gradle forum: http://discuss.gradle.org/t/urgent-ssl-apache-configuration-for-services-gradle-org-is-bad/8808/4
Solution 4:[4]
In my case the problem was caused by an obsolete (7 years old) version of Java. Even gradlew clean did fail. After a Java update it worked fine.
Solution 5:[5]
In my case I was on a company network and behind a proxy, which as I understand it rewrites the SSL certificates, making the Java installation not trust any of them.
To solve it I had to create a gradle.properties file in my home directory under .gradle (~/.gradle/gradle.properties) and add the following line:
org.gradle.jvmargs=-DsystemProp.https.proxyHost=<myProxyHost> -DsystemProp.https.proxyPort=<myProxyPort> -DsystemProp.https.proxyUser=<myProxyUsername> -DsystemProp.https.proxyPassword=<myProxyPassword>
That solution was based on this SO answer: Gradle use certificate authentication for repository
Solution 6:[6]
Steps:
- Run
gradlew -Djavax.net.debug=all tasks - Go through the debug logs, and see if you find anything out of the ordinary.
In my case, seeing something like Zscaler did the trick, as i know i have Zscaler on(which by the way rewrites the TLS traffic blablabla), and it was trying to find the valid certification path to requested target, which obviously it couldn't find.
2 Options:
Exit
ZscalerIf exiting
Zscaleris not an option, go to your browser, exportZscaler Root Certificateand import it in the JVM truststoregradleis using, something like:keytool -import -trustcacerts -alias Zscaler -file "Zscaler Root CA.cer" -keystore "%JAVA_HOME%"\jre\lib\security\cacerts
IMPORTANT: Do a gradlew clean before retrying any command.
Solution 7:[7]
This is because, Gradle tries to find the installed package in your local machine. If you have the installed location:
D:\apps\gradle-3.3
Follow these steps in eclipse:
- New Project
- Gradle Project
- Enter project Name
- Local Installation Directory
- Click Finish.
You are good to go.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Paul Lammertsma |
| Solution 2 | Frank |
| Solution 3 | dunni |
| Solution 4 | ohaleck |
| Solution 5 | Hervian |
| Solution 6 | |
| Solution 7 | Juliën |