How to resolve the “javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated” error when using Java 11?

Muhammed Kashif
2020-07-27 17:14

Whenever we try to perform certain operations such as pulling an artifact from the source registries which are configured with the certificates added to Artifactory such as connecting with redhat registries , the request may fail with "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" and if the Java being used on Artifactory is Java 11.0.2 AdoptOpenJDK, it could be related to this bug reported in the Java and To overcome this issue there are 2 workarounds,
1. Add this Java option "-Djdk.tls.client.protocols=TLSv1.2" under the $ARTIFACTORY_HOME/etc/default folder in Artifactory v6.x or $JFROG_HOME/etc/system.yaml in Artifactory v7.x and restart Artifactory, so that this Java option is implemented in Artifactory.
2. We recommend to upgrade the Java to Java 11.0.4 and above to resolve this issue.