Android Studio: Server's certificate is not trusted

Question

Is it safe to ignore this warning? It shows up when I create a new project in Android Studio:

Server\'s certificate is not trusted

Certificate details

Issued T         


        

Answer 1

For Mac Operating System it is in the menu Android Studio->Preferences->Tools->Server Certificates.

In the top of the right side window select the checkbox Accept non-trusted certificates automatically. Hit apply and ok.

Answer 2

I ran into this problem after adding a maven repository with SSL certificate signed by non-standard Certificate Authority (CA).

When running the gradle build for my project from my command line, everything worked fine (I had added the custom CA to my machine Java installation cacerts). I had problem running the build from Android studio however, and was getting errors like this:

> Could not resolve joda-time:joda-time:2.9.9.
  > Could not get resource 'https://custom-maven-repo.com/repository/releases/joda-time/joda-time/2.9.9/joda-time-2.9.9.pom'.
    > Could not GET 'https://custom-maven-repo.com/repository/releases/joda-time/joda-time/2.9.9/joda-time-2.9.9.pom''.
      > sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        > PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
          > unable to find valid certification path to requested target

I downloaded the pem file for the custom CA, called my-ca.pem. I tried adding this to Android Studio in Preferences -> Tools -> Server Certificates, but that didn't fix it.

I noticed that Android Studio uses an embedded JDK (File -> Project Structure -> SDK Location -> JDK Location) at /Applications/Android Studio.app/Contents/jre/jdk/Contents/Home. In order to get the certificate accepted, I ran (on Mac OS X) these commands to add the certificate, then kill the Android Studio java process:

/Applications/Android\ Studio.app/Contents/jre/jdk/Contents/Home/bin/keytool -import -alias my-ca -keystore /Applications/Android\ Studio.app/Contents/jre/jdk/Contents/Home/jre/lib/security/cacerts -storepass changeit -file path/to/my-ca.pem -noprompt
kill -9 $(ps -A | grep java | grep "Android Studio" | grep -v grep | awk '{print $1}')

Running the gradle build from Android Studio then worked.

An alternative solution is to set up Android Studio to use a custom JDK using on your machine which has the CA certificate installed, using the menu in File -> Project Structure -> SDK Location -> JDK Location