Describe the bug
The JFrog Plugin is not using the custom CA certificates registered in the Plugin Configuration when downloading the advanced security scanners. In our environment, we access the internet through an http proxy that signs all traffic with an internal CA. Therefore, any outbound connections require trusting the internal CA. Despite having our custom CA registered in the IDE's plugin configuration, the JFrog Plugin encounters TLS errors when a scan is initiated. The Xray vulnerabilities for the project dependencies are properly displayed; however, advanced security and contextual analysis results are not.
The following screenshot shows the TLS error (bottom right) in conjunction with the valid Xray audit results of the project's dependencies. The advanced security results are missing. 
Temporary Workaround
A temporary workaround was discovered. If the custom CA certificates are registered in the global keystore used to launch the IDE (~/.local/share/JetBrains/Toolbox/apps/intellij-idea-ultimate/jbr/lib/security/cacerts), then the JFrog Plugin will communicate properly through the http proxy and download the advanced security scanners to the ~/.jfrog-idea-plugin/dependencies directory and execute as expected. The advanced security results including secret detection and contextual anaysis are properly displayed in the UI.
The following screenshot shows both the Xray audit results in conjunction with the advanced security results:
To Reproduce
- Configure IDE https proxy settings to point to a proxy that requires a custom CA.
- Register the custom CA within the IDE (Settings... --> Plugins --> Manage Plugin Certificates...)
- Initiate JFrog scan
Expected behavior
- The scanner binaries should be downloaded to the ~/.jfrog-idea-plugin/dependencies directory.
- The scanner should run without errors.
- The scan results should be displayed.
Versions
- JFrog IDEA plugin version: 2.7.5
- Operating system: Fedora 42
- Xray version: 3.131.32
Describe the bug
The JFrog Plugin is not using the custom CA certificates registered in the Plugin Configuration when downloading the advanced security scanners. In our environment, we access the internet through an http proxy that signs all traffic with an internal CA. Therefore, any outbound connections require trusting the internal CA. Despite having our custom CA registered in the IDE's plugin configuration, the JFrog Plugin encounters TLS errors when a scan is initiated. The Xray vulnerabilities for the project dependencies are properly displayed; however, advanced security and contextual analysis results are not.
The following screenshot shows the TLS error (bottom right) in conjunction with the valid Xray audit results of the project's dependencies. The advanced security results are missing.
Temporary Workaround
A temporary workaround was discovered. If the custom CA certificates are registered in the global keystore used to launch the IDE (~/.local/share/JetBrains/Toolbox/apps/intellij-idea-ultimate/jbr/lib/security/cacerts), then the JFrog Plugin will communicate properly through the http proxy and download the advanced security scanners to the ~/.jfrog-idea-plugin/dependencies directory and execute as expected. The advanced security results including secret detection and contextual anaysis are properly displayed in the UI.
The following screenshot shows both the Xray audit results in conjunction with the advanced security results:
To Reproduce
Expected behavior
Versions