Always use system trust store when creating Q client (#4652)

rli · web-flow · commit cb64a65ea6a2 · 2024-07-08T11:40:56.000-07:00
Some users may have a networking setup where they implicitly traverse SSL-introspecting appliances without explicit configuration.
diff --git a/.changes/next-release/bugfix-9a8eaf22-9631-404f-a67c-fc792142a8b4.json b/.changes/next-release/bugfix-9a8eaf22-9631-404f-a67c-fc792142a8b4.json
@@ -0,0 +1,4 @@
+{
+  "type" : "bugfix",
+  "description" : "Fix Q Chat not respecting system trust store unless a proxy is configured"
+}
diff --git a/plugins/amazonq/codewhisperer/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererEndpointCustomizer.kt b/plugins/amazonq/codewhisperer/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererEndpointCustomizer.kt
@@ -95,10 +95,12 @@ class CodeWhispererEndpointCustomizer : ToolkitClientCustomizer {
                         .useSystemPropertyValues(false)
 
                     clientBuilder.proxyConfiguration(proxyConfiguration.build())
-                        .tlsTrustManagersProvider { arrayOf<TrustManager>(CertificateManager.getInstance().trustManager) }
                 }
 
-                builder.httpClientBuilder(clientBuilder)
+                builder.httpClientBuilder(
+                    clientBuilder
+                        .tlsTrustManagersProvider { arrayOf<TrustManager>(CertificateManager.getInstance().trustManager) }
+                )
             }
         } else if (builder is CodeWhispererClientBuilder) {
             clientOverrideConfiguration.addExecutionInterceptor(

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +  "type" : "bugfix",
 +  "description" : "Fix Q Chat not respecting system trust store unless a proxy is configured"
 +}
Original file line number	Diff line number	Diff line change
`@@ -95,10 +95,12 @@ class CodeWhispererEndpointCustomizer : ToolkitClientCustomizer {`
`95`	`95`	`.useSystemPropertyValues(false)`
`96`	`96`
`97`	`97`	`clientBuilder.proxyConfiguration(proxyConfiguration.build())`
`98`		`- .tlsTrustManagersProvider { arrayOf<TrustManager>(CertificateManager.getInstance().trustManager) }`
`99`	`98`	`}`
`100`	`99`
`101`		`- builder.httpClientBuilder(clientBuilder)`
	`100`	`+ builder.httpClientBuilder(`
	`101`	`+ clientBuilder`
	`102`	`+ .tlsTrustManagersProvider { arrayOf<TrustManager>(CertificateManager.getInstance().trustManager) }`
	`103`	`+ )`
`102`	`104`	`}`
`103`	`105`	`} else if (builder is CodeWhispererClientBuilder) {`
`104`	`106`	`clientOverrideConfiguration.addExecutionInterceptor(`