@JLLeitschuh - thanks for the follow-up.
I can’t speak for @twwwt’s particular situation, but after further investigation (and much hair-pulling) it does look as though (in our case at least) the issue is specific to our build environment as the JFrog team suggested.
We currently use a customised Ubuntu 16.04 Docker container for our build/test environment. As part of my investigation, I created a pristine container based on a standard Ubuntu:16.04 image - and then manually installed Java 8 & Gradle (5.6.2) as required. I created a very basic Gradle build file and I was able to download plugin dependencies without issue - indicating that the problem we were experiencing is specific to our customised Docker container.
Upon further inspection of the customised Docker environment with which I was experiencing the issue - it transpires we are using a custom Java ‘cacerts’ file (/etc/ssl/certs/java/cacerts) - overwriting the the OS-supplied one - containing a self-signed CA certificate used to sign SSL certs for various internal servers that we use within our organisation - including an Artifactory server used to serve various libraries to our build environment. The custom certs added to this file aren’t in themselves an issue - but the cacerts file itself is now very out of date. Once I replaced the ‘cacerts’ file with an up-to-date one…hey presto!..we’re back in business! The only reason we’ve recently started seeing this issue is because we updated the Java 8 version used in our Dockerfile from a version which didn’t perform this legacy Symantec CA cert check to a newer version which did.