intellij-platform-gradle-plugin: signPlugin fails with NullPointerException

I followed the tutorial to set up everything needed to publish a plugin to the marketplace. So I added the PUBLISH_TOKEN, PRIVATEE_KEY, CERTIFICATE_CHAIN and PRIVATE_KEY_PASSWORD to the environment variables of the Run Configuration. When the signPlugin task is executed I always get a NullPointerException: pemObject must not be null.

Exception in thread "main" java.lang.NullPointerException: pemObject must not be null at org.jetbrains.zip.signer.signer.PrivateKeyUtils.loadKeyPair(PrivateKeyUtils.kt:62) at org.jetbrains.zip.signer.signer.PrivateKeyUtils.loadKeyPair(PrivateKeyUtils.kt:48) at org.jetbrains.zip.signer.signer.SignerInfoLoader.loadSignerInfoFromText(SignerInfoLoader.kt:30) at org.jetbrains.zip.signer.ZipSigningTool.sign(ZipSigningTool.kt:58) at org.jetbrains.zip.signer.ZipSigningTool.main(ZipSigningTool.kt:29) [gradle-intellij-plugin :MavenDependencyChecker:signPlugin] Error during Marketplace ZIP Signer CLI execution: Exception in thread "main" java.lang.NullPointerException: pemObject must not be null at org.jetbrains.zip.signer.signer.PrivateKeyUtils.loadKeyPair(PrivateKeyUtils.kt:62) at org.jetbrains.zip.signer.signer.PrivateKeyUtils.loadKeyPair(PrivateKeyUtils.kt:48) at org.jetbrains.zip.signer.signer.SignerInfoLoader.loadSignerInfoFromText(SignerInfoLoader.kt:30) at org.jetbrains.zip.signer.ZipSigningTool.sign(ZipSigningTool.kt:58) at org.jetbrains.zip.signer.ZipSigningTool.main(ZipSigningTool.kt:29)

About this issue

Original URL
State: closed
Created 2 years ago
Reactions: 4
Comments: 20 (3 by maintainers)

Most upvoted comments

This issue must be reopened by the plugin team.

nabato on Oct 23, 2023

Your github configuration looks good to me. So there is something going on when you create the base64 encoded string.

I had the exact same problem basically when I used the default MacOS base64 encoder, it did not work. But when I used the openSSL base64 encoder it worked. If you use MacOS you can try using the commands I provided above.

The important thing is the -A flag - openssl enc -A -base64

dinbtechit on Oct 23, 2023

To fix github actions. (Follow the below steps)

Important— Ensure base64 encoded string does not contain any space or newline characters.

To convert pem and crt files to base64 string

Note - Below commands are for MacOS. But could work in other OS if you have openssl installed.

Encode private.pem to Base64 encoded string.

openssl enc -A -base64 -in private.pem -out private_base64.pem
cat private_base64.pem

output: <<base64 Encode string>>

Copy & Paste the base64 string into github -> settings -> security -> secrets and variables -> Repository Secrets -> PRIVATE_KEY

Encode chain.crt to Base64 encoded string.

openssl enc -A -base64 -in chain.crt -out chain-base64.crt 
cat chain-base64.crt

output: <<base64 Encode string>>

Copy & Paste the base64 string into github -> settings -> security -> secrets and variables -> Repository Secrets -> CERTIFICATE_CHAIN

dinbtechit on Oct 23, 2023

@hsz thank you very much for your support!

I added the generated chain.crt and private.pem to the IntelliJ Run Configuration by copy & pasting the file contents to the environment section. I found a discussion in a Jetbrains forum about the problem. It has something to do with multiline parsing. The file contents span over multiple lines and and the gradle-intellij-plugin is not able to read the multiline contents from the Run Configuration. I tried to remove all line breaks and still it did not work (same error).

I now use the workaround stated in the forum: certificateChain.set(File(System.getenv("CERTIFICATE_CHAIN") ?: "./certs/chain.crt").readText(Charsets.UTF_8))

But it would be very nice if I could use the Gradle plugin task for signing.

mwalter on Feb 1, 2022

@mwalter I have tried reproducing this error, but with no luck. After generating chain.crt and private.pem files as described in Plugin Signing article, everything works well.

Could you please provide more information regarding your setup?

hsz on Feb 1, 2022