Environment variable for certificateChain not supported

Anusree_Lakshmi · September 1, 2025, 5:14am

Tool	Version
Gradle	8.11.1
IntelliJ Platform Gradle Plugin	2.7.0

When trying to configure the plugin signing task using environment variables, passing the raw certificate content to certificateChain.set() fails with Invalid argument, whereas pointing to a file works.

Example that fails:

signing {
    certificateChain.set(System.getenv("CERTIFICATE_CHAIN"))
    privateKey.set(System.getenv("PRIVATE_KEY"))
    password.set(System.getenv("PRIVATE_KEY_PASSWORD"))
}

Error:

Invalid argument: -----BEGIN CERTIFICATE-----
MIIF5zCCA8+gAwIBAgIU...

Example that works:

signing {
    certificateChainFile = file("/Users/.../chain.crt") // path to file
    privateKey.set(System.getenv("PRIVATE_KEY"))
    password.set(System.getenv("PRIVATE_KEY_PASSWORD"))
}

Shouldn’t it be possible to pass the certificate content via an environment variable (multi-line string) without having to write it to a file manually?

Steps to reproduce

Set an environment variable CERTIFICATE_CHAIN with the full multi-line certificate content.
Configure signing using certificateChain.set(System.getenv(“CERTIFICATE_CHAIN”)).
Run ./gradlew verifyPluginSignature.

Topic		Replies	Views
Error when building the plugin: "Failed to read bundled plugin plugins/cwm-plugin" Gradle Build Scripts	2	81	February 28, 2025
How to set -Dfile.encoding=UTF-8 when run idea plugin IntelliJ Platform	1	32	April 2, 2025
Clarification regarding code signing for plugins in the JetBrains marketplace Plugin Verifier	1	70	September 16, 2025
Task 'runPluginVerifier' not found in root project Plugin Verifier	2	34	March 4, 2025
COMPATIBILITY_PROBLEMS: Compatibility problems detected Plugin Verifier	9	250	July 1, 2025

Environment variable for certificateChain not supported

Steps to reproduce

Related topics