I need to know what is the best practices to use cuba Studio behind firewall ?
And is there a specific lists of websites or IP address I need InfoSec need to whitelist for me in order to overcome these Issues
Yes already did this setup (CUBA Studio) proxy settings & Gradle proxy settings and restarted , But still no look .
Is there any other checks I can do ?
Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.
Is this a certificate Issue ?
I noticed that when accessing the pom file from Internet explorer (which downloads from IE BTW), I can see that the issuer for the certificate is our firewall SW .
Do I need to import our company CA certificate for this to work, or Cuba studio do this automatically ?
If you get certificate exceptions - this means that something in your network (either a controlling software used by your company, or a malware) is trying to be “the man in the middle” in the SSL negotiation process.
You need to download the certificate, e.g. with web browser, review it and if it’s trusted - then add to the certificate store of your computer and probably, to certificate stores of JDK you use for developing the code and JRE used by the IntelliJ IDEA / CUBA Studio.
The certificate for the proxy server is already added to my certificate store and the JDK , However I noticed there are 2 Java keystores
C:\Users\XXX.CubaStudio2019.2\system\tasks\cacerts
C:\Program Files\Haulmont\CUBA Studio 2019.2\jbr\lib\security\cacerts
It is already added on the first path , but How do I make sure that cuba studio does not look for the certificate in the second path ?
Is there any way to diagnose certificate errors from cuba studio ?
Check the idea.log file (Help → Show Log in Explorer) for errors.
Note that when Gradle builds the project and downloads dependencies - it uses another JRE, the one which is specified as Project SDK. So you might need to add root certificate there too.