jfrog-idea-plugin icon indicating copy to clipboard operation
jfrog-idea-plugin copied to clipboard

Published 20 hours ago verified publisher icon jfrog

Certificate error for /artifactory/api/system/version only

Open kongslund opened this issue 2 years ago • 3 comments

Describe the bug IntelliJ's Notifications tool window shows a certificate error for the /artifactory/api/system/version endpoint.

image

However, the JFrog plugin is able to connect to our internal Artifactory installation which uses a server certificate issued by a custom CA.

image

In addition, the JFrog plugin is able to analyze dependencies so HTTPS requests are in general succeeding. image

To Reproduce

  • Open a project.
  • Configure the JFrog plugin to use an internal Artifactory instance which uses a server certificate issued by a custom CA.
  • Ensure IntelliJ trusts the Root CA.
  • Verify that the JFrog plugin's Test connection succeed.
  • Select the JFrog tool window and press the Refresh Scan button.
  • Observe that the JFrog plugin correctly analyzes the project's dependencies.
  • Open the Notifications tool window and observe that there is a certificate error for the /artifactory/api/system/version endpoint. No other certificate related errors are shown.

Expected behavior There should be no certificate errors.

Screenshots

Versions

  • JFrog IDEA plugin version: 1.15.0
  • Operating system: macOS 12.4
  • Xray version: 7.38.10

Additional context Add any other context about the problem here.

kongslund avatar Jun 07 '22 04:06 kongslund

This is still reproducable in JFrog IDEA plugin version: 2.1.2 IntelliJ version: 2022.3.3 Operating system: RHEL 8.7 Xray version: 7.49.3

jorander avatar Mar 27 '23 16:03 jorander

@kongslund @jorander, thanks for reporting this issue. This warning is popped up when the first attempt out of 3 of the GET /artifactory/api/system/version requests fails: https://github.com/jfrog/build-info/blob/build-info-extractor-2.39.8/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java#LL164 I'm not sure why the first attempt failed in your case. Does it consist every time?

Nevertheless, The actual test connection results are displayed in the configuration panel. Please let me know if that helped.

yahavi avatar Mar 28 '23 09:03 yahavi

I get two of those warnings, concistently every time I run the scan.

And the warning message doesn't match the line you referenced. It matches https://github.com/jfrog/build-info/blob/build-info-extractor-2.39.8/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java#L195

However, I don´t see the retry message: https://github.com/jfrog/build-info/blob/build-info-extractor-2.39.8/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java#L201

I'm in the process of setting up a dev-environment where I can debug. If that succeeds I'll come back with more context.

jorander avatar Mar 28 '23 15:03 jorander