I have a nginx reverse proxy in front of many website to handle SSL certificates. So it using virtual host (by name), and one certificate for each virtual host. My gerrit running behind this reverse proxy.
Gerrit has events-log plugin installed, and https certificate is signed by public CA root.
Now when I config gerrit-trigger-plugin to talk to gerrit, it keep complaining SSLHandShake error because cannot recognize certificate.
After many debug, I found that gerrit-trigger-plugin using deprecated HttpClient APIs, which cause gerrit-trigger-plugin connect to the IP instead of hostname to do handshake, so it getting wrong certificate.