Problems Using Maven and Ssl Behind Proxy

Problems using Maven and SSL behind proxy

The fact is that your maven plugin try to connect to an https remote repository

(e.g https://repo.maven.apache.org/maven2/)

This is a new SSL connectivity for Maven Central was made available in august, 2014 !

So please, can you verify that your settings.xml has the correct configuration.

    <settings>
  <activeProfiles>
    <!--make the profile active all the time -->
    <activeProfile>securecentral</activeProfile>
  </activeProfiles>
  <profiles>
    <profile>
      <id>securecentral</id>
      <!--Override the repository (and pluginRepository) "central" from the
         Maven Super POM -->
      <repositories>
        <repository>
          <id>central</id>
          <url>http://repo1.maven.org/maven2</url>
          <releases>
            <enabled>true</enabled>
          </releases>
        </repository>
      </repositories>
      <pluginRepositories>
        <pluginRepository>
          <id>central</id>
          <url>http://repo1.maven.org/maven2</url>
          <releases>
            <enabled>true</enabled>
          </releases>
        </pluginRepository>
      </pluginRepositories>
    </profile>
  </profiles>
</settings>

You can alternatively use the simple http maven repository like this

 <pluginRepositories>
    <pluginRepository>
      <id>central</id>
      <name>Maven Plugin Repository</name>
      <url>http://repo1.maven.org/maven2</url>
      <layout>default</layout>
      <snapshots>
        <enabled>false</enabled>
      </snapshots>
      <releases>
        <updatePolicy>never</updatePolicy>
      </releases>
    </pluginRepository>
  </pluginRepositories>

Please let me know if my solution works ;)

J.

How to tell Maven to disregard SSL errors (and trusting all certs)?

You can disable SSL certificate checking by adding one or more of these command line parameters:

  • -Dmaven.wagon.http.ssl.insecure=true - enable use of relaxed SSL check for user generated certificates.
  • -Dmaven.wagon.http.ssl.allowall=true - enable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used.
  • -Dmaven.wagon.http.ssl.ignore.validity.dates=true - ignore issues with certificate dates.

Official documentation: http://maven.apache.org/wagon/wagon-providers/wagon-http/

Here's the oneliner for an easy copy-and-paste:

-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true

Ajay Gautam suggested that you could also add the above to the ~/.mavenrc file as not to have to specify it every time at command line:

$ cat ~/.mavenrc 
MAVEN_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"

Maven error, PKIX path building failed: unable to find valid certification path to requested target

It seems your B server does not have the certificates to access the repository, try to compare the environment certificates between servers A and B.

Also check this question: How do I find out what keystore my JVM is using?

Maven:unable to find valid certification path to requested target

as @weizenkeim hugo said, I search the way to import the certificates in linux.

just two steps:

  • Get root certificate
  • Get that certificate added to java cacerts file

and the link is here

build maven Java project behind firewall intercepting SSL certificates

I was able to get the download working by following the steps in this answer to download the intercepting SSL certificate, make it a keystore, and reference that when building the project using:

mvn clean package -Djavax.net.ssl.trustStore=/home/user/mavenKeystore

Unable to proxy Maven repo over https/ssl with Nexus

You have to import the custom CA certificate into the 'trustStore' and not into the 'keyStore'.

The procedure for creating a 'trustStore' is the same as the one for the 'keyStore'.
Once you have your *.jks file then link it using the following system properties:

javax.net.ssl.trustStore=<file>
javax.net.ssl.trustStorePassword=<password>

Related Topics

What Is the Point of "Final Class" in Java

How to Map a Composite Key with JPA and Hibernate

Is an Array an Object in Java

Java: Define Terms Initialization, Declaration and Assignment

Number of Days Between Two Dates in Joda-Time

Why Integer Class Caching Values in the Range -128 to 127

How to Resolve a Java Rounding Double Issue

Can You Recommend a Java Library for Reading (And Possibly Writing) CSV Files

Difference in Days Between Two Dates in Java

How to Use Keyeventdispatcher

Simple Http Server in Java Using Only Java Se API

How to Turn Off the Eclipse Code Formatter for Certain Sections of Java Code

Why Do We Usually Use || Over |? What Is the Difference

Conditionally Ignoring Tests in Junit 4

Adding Days to a Date in Java

How to Add One Day to a Date

Implements VS Extends: When to Use? What's the Difference

Preferred Way of Loading Resources in Java


Leave a reply



Submit