Tuesday, March 16, 2021

Eclipse cannot connect to a server due to certification error

If "Install New Software" fails in Eclipse and it complains that the server's certificate is not trusted, that may be because the Java instance that Eclipse uses does not have the needed CA in its keystore.

Another symptom is that when you try to access Eclipse Marketplace in Eclipse (Help|Eclipse Marketplace...), exceptions are thrown complaining about the server certificate.

Usually Eclipse uses the Java in the system, and you can simple add the CA into the keystore following this post.

Sometimes Eclipse uses a different Java instance and to find out which one it is, you need to go to the installation of Eclipse and find this file eclipse.ini. Use a text editor to open it. Find the line -vm. Under it is the Java instance that Elipse uses.

Go to where the Java instance locates, and enter its lib/security/ directory. Follow this post to add the new CA to cacerts, e.g.:

$ keytool -import -alias CloudService -keystore cacerts -file "/path/to/CloudServiceRootCA.cer"

No comments:

Get This <