How to Capture a Certificate in a Java Keystore

$ ./gradlew build
....
> Could not GET 'https://wallaby.datenkollektiv.de/...
....
> sun.security.validator.VaidatorException: PXIX path building failed:

"unable to find valid certificate path to requested target"

openssl s_client -connect wallaby.datenkollektiv.de:443 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

This will produce the certificat for the URL connected to. Save the output in wallaby.cert the import it into a java keystore:

keytool -import -alias wallaby -file wallaby.cert -keystore planets.jks

To use the keystore within the build configure the keystore in gradle.properties:

systemProp.javax.net.ssl.trustStore=<PATH_TO_KEYSTORE>/planets.jks
systemProp.javax.net.ssl.trustStorePassword=s3cr3t

Note: In a Maven based build you could specify the properties via 'MAVEN_OPTS'

MAVEN_OPTS="-Djavax.net.ssl.trustStore=planets.jks -Djavax.net.ssl.trustStorePassword=s3cr3t"

Check the content of the certificate with

Bonus - Generate a self-signed certificate for development time

keytool -genkey -keyalg RSA -alias selfsigned -keystore dev-keystore.jks -storepass development -validity 365 -keysize 2048