Description
Issue Summary
Our application, configured for HTTPS-only mode, fails to fetch OpenAPI documentation due to SSL handshake errors with self-signed certificates during local development.
Details
The root of the issue lies in the fact that our self-signed CA certificate is not included in Java's cacerts TrustStore. Since we might use different Java environments, adding the certificate to cacerts is not a viable solution. Consequently, the SSL handshake fails because Java does not trust our self-signed certificate. A potential solution is to provide a TrustStore in the connection's SSL context, which current plugin setup does not support.
Expected Behaviour
The application should successfully establish HTTPS connections, even with self-signed certificates, particularly for fetching OpenAPI documentation during local development.
Steps to Reproduce
- Configure the application for HTTPS communication.
- Use a self-signed certificate for local development.
- Attempt to fetch OpenAPI documentation over HTTPS.
Proposed Solution
Modify plugin to allow configuring a custom TrustStore, enabling Java to trust it during SSL handshakes.
Criticality of the Issue
This issue is blocking local development and testing processes, where self-signed certificates are commonly used.