This is not a question. This is an answer to a very specific case - if you are behind a domain integrated HTTP/HTTPS proxy that insists in intercepting the HTTPS traffic. And a small comment on security. This particular experience is from Talend 7.0.
It starts with:
Except... it is fully available as far as you know... You quickly find that you need a proxy configured. But it does not work. Talend stays stubbornly offline.
That is because the studio at startup tries to access talend.com over https and if it fails... well, you MUST be offline... Had to go read sourcecode on github for that bit of wisdom.
First clue can be found in workspace\.metadata\.log
There will be a bunch of SSL certificate chain validation errors for maven if the proxy is configured right. That's because your employer insists reading your ssl traffic and thus has substituted the certificate with a chain of it's own.
Security note - there will also be your proxy password in plain text. Not a good thing if it is also your domain password...
So what you can do about the SSL errors? If you do not have control over the jvm... not much. but if you do... you can import the naughty intercept CAs into java cacert store with keytool like so:
C:\Program Files\Java\jdk1.8.0_162>.\bin\keytool -keystore jre\lib\security\cacerts -importcert -alias aliasforca -file "c:\tmp\cacert.cer"
Enter keystore password:
Certificate was added to keystore
the password is changeit in all java installs.
you may wonder where I got the certs... well you can browse to site and see/export the cert chain used. And hey presto. It works.
Enjoy this small bit of wisdom
Thanks for sharing it on forum.
It will be very helpful if you can also detail out the process to export the certificate too, I dont have any experience in that space and from your response its not clear from which site you exported the certificate.