diff --git a/plugin/pom.xml b/plugin/pom.xml
index 570352fa..10e88255 100644
--- a/plugin/pom.xml
+++ b/plugin/pom.xml
@@ -52,11 +52,6 @@
jakarta.inject-api
2.0.1
-
- io.reactivex.rxjava3
- rxjava
- 3.1.5
-
com.fasterxml.jackson.core
jackson-databind
diff --git a/plugin/src/software/aws/toolkits/eclipse/amazonq/lsp/connection/QLspConnectionProvider.java b/plugin/src/software/aws/toolkits/eclipse/amazonq/lsp/connection/QLspConnectionProvider.java
index 9da462cf..1ca8a6d3 100644
--- a/plugin/src/software/aws/toolkits/eclipse/amazonq/lsp/connection/QLspConnectionProvider.java
+++ b/plugin/src/software/aws/toolkits/eclipse/amazonq/lsp/connection/QLspConnectionProvider.java
@@ -44,10 +44,10 @@ public QLspConnectionProvider() throws IOException {
@Override
protected final void addEnvironmentVariables(final Map env) {
- String httpsProxyPreference = ProxyUtil.getHttpsProxyUrl();
+ String httpsProxyUrl = ProxyUtil.getHttpsProxyUrl();
String caCertPreference = Activator.getDefault().getPreferenceStore().getString(AmazonQPreferencePage.CA_CERT);
- if (!StringUtils.isEmpty(httpsProxyPreference)) {
- env.put("HTTPS_PROXY", httpsProxyPreference);
+ if (!StringUtils.isEmpty(httpsProxyUrl)) {
+ env.put("HTTPS_PROXY", httpsProxyUrl);
}
if (!StringUtils.isEmpty(caCertPreference)) {
env.put("NODE_EXTRA_CA_CERTS", caCertPreference);
diff --git a/plugin/src/software/aws/toolkits/eclipse/amazonq/util/ProxyUtil.java b/plugin/src/software/aws/toolkits/eclipse/amazonq/util/ProxyUtil.java
index b6da0128..c1b777c1 100644
--- a/plugin/src/software/aws/toolkits/eclipse/amazonq/util/ProxyUtil.java
+++ b/plugin/src/software/aws/toolkits/eclipse/amazonq/util/ProxyUtil.java
@@ -16,7 +16,9 @@
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
import org.eclipse.mylyn.commons.ui.dialogs.AbstractNotificationPopup;
import org.eclipse.swt.widgets.Display;
@@ -154,6 +156,21 @@ private static String getCustomCertPath() {
}
private static SSLContext createSslContextWithCustomCert(final String certPath) throws Exception {
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init((KeyStore) null);
+
+ KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ keyStore.load(null, null);
+
+ for (TrustManager tm : tmf.getTrustManagers()) {
+ if (tm instanceof X509TrustManager) {
+ X509TrustManager xtm = (X509TrustManager) tm;
+ for (X509Certificate cert : xtm.getAcceptedIssuers()) {
+ keyStore.setCertificateEntry(cert.getSubjectX500Principal().getName(), cert);
+ }
+ }
+ }
+
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate cert;
@@ -161,15 +178,13 @@ private static SSLContext createSslContextWithCustomCert(final String certPath)
cert = (X509Certificate) certificateFactory.generateCertificate(fis);
}
- KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
- keyStore.load(null, null);
keyStore.setCertificateEntry("custom-cert", cert);
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- tmf.init(keyStore);
+ TrustManagerFactory customTmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ customTmf.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
- sslContext.init(null, tmf.getTrustManagers(), null);
+ sslContext.init(null, customTmf.getTrustManagers(), null);
Activator.getLogger().info("Picked up custom CA cert.");
return sslContext;