You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Adrian Herscu <bm...@fastmail.fm> on 2007/10/10 19:56:30 UTC
[m2] SSL certificate name does not match
Hi all,
I am hosting my project sources and binaries with some external
provider. He cannot set up an SSL certificate for my domain name...
Meanwhile, the only alternative is accept those SSL warnings about
domain name mismatch. I am getting them in my browser and also in my SVN
client.
Now I am trying to set up Maven to build and deploy my project to this
provider. The problem is that I am getting these messages from Maven:
<snip>
[WARNING] repository metadata for: 'snapshot
org.wirexn.build.extensions:wirexn-
build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
repository: s
napshots@wirexn.net due to an error: Error transferring file
[INFO] Repository 'snapshots@wirexn.net' will be blacklisted
</snip>
...and the artifacts cannot be resolved (of course).
I tried to see if this is a JRE specific problem. Downloaded a
Java-based WebDAV client (DAVExplorer), and it fails to connect with
this error message:
javax.net.ssl.SSLException: Name in certificate "his.domain.name" does
not match host name "my.domain.name"
Anyone knows about a hidden switch/option/configuration file to make the
JRE accept the SSL connection even if the host name doesn't match to
that on the certificate?
Please help,
Adrian.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: [m2] SSL certificate name does not match
Posted by David Williams <dn...@gmail.com>.
Adrian,
I don't know if you have already done this or not but I wanted to tell you
anyway just in case. I have Java 1.5.0_12 installed on my machine. When it
was installed, it installed the JDK and JRE directories as listed below.
C:\jdk1.5.0_12
C:\jre1.5.0_12
I first copied the jssecacert file to the
C:\jre1.5.0_12\lib\securitydirectory but that didn't fix the problem.
I then copied the file to the
C:\jdk1.5.0_12\jre\lib\security directory and that worked. Again, this most
likely won't help but I wanted to post it just in case.
David
On 10/13/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>
> Hi David,
>
> Thanks for your reply.
> I checked that blog; however the solution described there seems to
> belong to other problem:
>
> <snip>
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> [This happens] when trying to open an SSL connection to a host using
> JSSE. What this usually means is that the server is using a test
> certificate (possibly generated using keytool) rather than a certificate
> from a well known commercial Certification Authority such as Verisign or
> GoDaddy. Web browsers display warning dialogs in this case, but since
> JSSE cannot assume an interactive user is present it just throws an
> exception by default.
> </snip>
>
> Because I am somewhat desperate, I have tested that program. It seems to
> do what the standard keytool does... I copied the generated jssecacert
> file into my ${jre.home}/lib/security directory and hoped for the
> best... But it didn't happen :-( I checked that the file was read using
> a file monitor, and it was read.
>
> It seems that the solution could only be provided by applications (
>
> http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#ciphersuitechoice
> ).
> In this case, Maven should provide the option to override the default
> host name checking algorithm with a do-nothing one.
>
> Adrian.
>
> David Williams wrote:
> > Sorry it was late when I replied. = ) Here's the link
> > http://blogs.sun.com/andreas/entry/no_more_unable_to_find
> >
> > On 10/11/07, Adrian Herscu <bm...@fastmail.fm> wrote:
> >> Yeah... Where is the link :-)?
> >>
> >> I tried to play with the keytool program. I have imported the SSL
> >> certificate into my key store; this creates a file named .keystore in
> >> C:\Documents and Settings\me. I tried to run Maven and DAVExplorer;
> >> their behavior did not change :-(
> >>
> >> Now the weird things:
> >>
> >> 1. I have monitored the file access to the .keystore file. When I am
> >> running keytool -list the .keystore file is accessed (seems like my
> file
> >> monitoring program works). When I am running Maven or DAVExplorer, the
> >> .keystore file is not accessed at all!
> >> 2. Maven is able to upload files to my WebDAV server! If I am building
> >> all my modules locally, then I can run mvn deploy and the files are
> >> uploaded!!!
> >>
> >> Adrian.
> >>
> >> Tim Kettler wrote:
> >>> Where's the link :-)?
> >>>
> >>> David Williams schrieb:
> >>>> Adrian,
> >>>>
> >>>> This link may help you. This java program allows you to manually
> >>>> accept the
> >>>> cert and place the generated file in your JDK or JRE. Then the java
> >>>> keeps
> >>>> it as an accept cert. I have not tried this with Maven but it worked
> >>>> with
> >>>> another application where the cert didn't match the server
> name. Down
> >>>> side
> >>>> is that it would have to be on every user's machine.
> >>>>
> >>>> Thanks,
> >>>>
> >>>> David
> >>>>
> >>>> On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
> >>>>> Hi all,
> >>>>>
> >>>>> I am hosting my project sources and binaries with some external
> >>>>> provider. He cannot set up an SSL certificate for my domain name...
> >>>>> Meanwhile, the only alternative is accept those SSL warnings about
> >>>>> domain name mismatch. I am getting them in my browser and also in my
> >> SVN
> >>>>> client.
> >>>>> Now I am trying to set up Maven to build and deploy my project to
> this
> >>>>> provider. The problem is that I am getting these messages from
> Maven:
> >>>>>
> >>>>> <snip>
> >>>>> [WARNING] repository metadata for: 'snapshot
> >>>>> org.wirexn.build.extensions:wirexn-
> >>>>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
> >>>>> repository: s
> >>>>> napshots@wirexn.net due to an error: Error transferring file
> >>>>> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
> >>>>> </snip>
> >>>>>
> >>>>> ...and the artifacts cannot be resolved (of course).
> >>>>>
> >>>>> I tried to see if this is a JRE specific problem. Downloaded a
> >>>>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
> >>>>> this error message:
> >>>>>
> >>>>> javax.net.ssl.SSLException: Name in certificate "his.domain.name"
> does
> >>>>> not match host name " my.domain.name"
> >>>>>
> >>>>> Anyone knows about a hidden switch/option/configuration file to make
> >> the
> >>>>> JRE accept the SSL connection even if the host name doesn't match to
> >>>>> that on the certificate?
> >>>>>
> >>>>> Please help,
> >>>>> Adrian.
> >>>>>
> >>>>>
> >>>>>
> ---------------------------------------------------------------------
> >>>>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> >>>>> For additional commands, e-mail: users-help@maven.apache.org
> >>>>>
> >>>>>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> >> For additional commands, e-mail: users-help@maven.apache.org
> >>
> >>
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>
Re: [m2] SSL certificate name does not match
Posted by Adrian Herscu <bm...@fastmail.fm>.
Perhaps sometime, someone will want to add a switch that turns off host
name verification. This seems to be supported in the HttpClient 4.0 API.
Any comments?
Adrian Herscu wrote:
> Hi David,
>
> Thanks for your reply.
> I checked that blog; however the solution described there seems to
> belong to other problem:
>
> <snip>
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> [This happens] when trying to open an SSL connection to a host using
> JSSE. What this usually means is that the server is using a test
> certificate (possibly generated using keytool) rather than a certificate
> from a well known commercial Certification Authority such as Verisign or
> GoDaddy. Web browsers display warning dialogs in this case, but since
> JSSE cannot assume an interactive user is present it just throws an
> exception by default.
> </snip>
>
> Because I am somewhat desperate, I have tested that program. It seems to
> do what the standard keytool does... I copied the generated jssecacert
> file into my ${jre.home}/lib/security directory and hoped for the
> best... But it didn't happen :-( I checked that the file was read using
> a file monitor, and it was read.
>
> It seems that the solution could only be provided by applications (
> http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#ciphersuitechoice).
>
> In this case, Maven should provide the option to override the default
> host name checking algorithm with a do-nothing one.
>
> Adrian.
>
> David Williams wrote:
>> Sorry it was late when I replied. = ) Here's the link
>> http://blogs.sun.com/andreas/entry/no_more_unable_to_find
>>
>> On 10/11/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>>> Yeah... Where is the link :-)?
>>>
>>> I tried to play with the keytool program. I have imported the SSL
>>> certificate into my key store; this creates a file named .keystore in
>>> C:\Documents and Settings\me. I tried to run Maven and DAVExplorer;
>>> their behavior did not change :-(
>>>
>>> Now the weird things:
>>>
>>> 1. I have monitored the file access to the .keystore file. When I am
>>> running keytool -list the .keystore file is accessed (seems like my file
>>> monitoring program works). When I am running Maven or DAVExplorer, the
>>> .keystore file is not accessed at all!
>>> 2. Maven is able to upload files to my WebDAV server! If I am building
>>> all my modules locally, then I can run mvn deploy and the files are
>>> uploaded!!!
>>>
>>> Adrian.
>>>
>>> Tim Kettler wrote:
>>>> Where's the link :-)?
>>>>
>>>> David Williams schrieb:
>>>>> Adrian,
>>>>>
>>>>> This link may help you. This java program allows you to manually
>>>>> accept the
>>>>> cert and place the generated file in your JDK or JRE. Then the java
>>>>> keeps
>>>>> it as an accept cert. I have not tried this with Maven but it worked
>>>>> with
>>>>> another application where the cert didn't match the server name. Down
>>>>> side
>>>>> is that it would have to be on every user's machine.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> David
>>>>>
>>>>> On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>>>>>> Hi all,
>>>>>>
>>>>>> I am hosting my project sources and binaries with some external
>>>>>> provider. He cannot set up an SSL certificate for my domain name...
>>>>>> Meanwhile, the only alternative is accept those SSL warnings about
>>>>>> domain name mismatch. I am getting them in my browser and also in my
>>> SVN
>>>>>> client.
>>>>>> Now I am trying to set up Maven to build and deploy my project to
>>>>>> this
>>>>>> provider. The problem is that I am getting these messages from Maven:
>>>>>>
>>>>>> <snip>
>>>>>> [WARNING] repository metadata for: 'snapshot
>>>>>> org.wirexn.build.extensions:wirexn-
>>>>>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
>>>>>> repository: s
>>>>>> napshots@wirexn.net due to an error: Error transferring file
>>>>>> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
>>>>>> </snip>
>>>>>>
>>>>>> ...and the artifacts cannot be resolved (of course).
>>>>>>
>>>>>> I tried to see if this is a JRE specific problem. Downloaded a
>>>>>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
>>>>>> this error message:
>>>>>>
>>>>>> javax.net.ssl.SSLException: Name in certificate "his.domain.name"
>>>>>> does
>>>>>> not match host name " my.domain.name"
>>>>>>
>>>>>> Anyone knows about a hidden switch/option/configuration file to make
>>> the
>>>>>> JRE accept the SSL connection even if the host name doesn't match to
>>>>>> that on the certificate?
>>>>>>
>>>>>> Please help,
>>>>>> Adrian.
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>>>>>> For additional commands, e-mail: users-help@maven.apache.org
>>>>>>
>>>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>>> For additional commands, e-mail: users-help@maven.apache.org
>>>
>>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: [m2] SSL certificate name does not match
Posted by Adrian Herscu <bm...@fastmail.fm>.
Hi David,
Thanks for your reply.
I checked that blog; however the solution described there seems to
belong to other problem:
<snip>
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
[This happens] when trying to open an SSL connection to a host using
JSSE. What this usually means is that the server is using a test
certificate (possibly generated using keytool) rather than a certificate
from a well known commercial Certification Authority such as Verisign or
GoDaddy. Web browsers display warning dialogs in this case, but since
JSSE cannot assume an interactive user is present it just throws an
exception by default.
</snip>
Because I am somewhat desperate, I have tested that program. It seems to
do what the standard keytool does... I copied the generated jssecacert
file into my ${jre.home}/lib/security directory and hoped for the
best... But it didn't happen :-( I checked that the file was read using
a file monitor, and it was read.
It seems that the solution could only be provided by applications (
http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#ciphersuitechoice).
In this case, Maven should provide the option to override the default
host name checking algorithm with a do-nothing one.
Adrian.
David Williams wrote:
> Sorry it was late when I replied. = ) Here's the link
> http://blogs.sun.com/andreas/entry/no_more_unable_to_find
>
> On 10/11/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>> Yeah... Where is the link :-)?
>>
>> I tried to play with the keytool program. I have imported the SSL
>> certificate into my key store; this creates a file named .keystore in
>> C:\Documents and Settings\me. I tried to run Maven and DAVExplorer;
>> their behavior did not change :-(
>>
>> Now the weird things:
>>
>> 1. I have monitored the file access to the .keystore file. When I am
>> running keytool -list the .keystore file is accessed (seems like my file
>> monitoring program works). When I am running Maven or DAVExplorer, the
>> .keystore file is not accessed at all!
>> 2. Maven is able to upload files to my WebDAV server! If I am building
>> all my modules locally, then I can run mvn deploy and the files are
>> uploaded!!!
>>
>> Adrian.
>>
>> Tim Kettler wrote:
>>> Where's the link :-)?
>>>
>>> David Williams schrieb:
>>>> Adrian,
>>>>
>>>> This link may help you. This java program allows you to manually
>>>> accept the
>>>> cert and place the generated file in your JDK or JRE. Then the java
>>>> keeps
>>>> it as an accept cert. I have not tried this with Maven but it worked
>>>> with
>>>> another application where the cert didn't match the server name. Down
>>>> side
>>>> is that it would have to be on every user's machine.
>>>>
>>>> Thanks,
>>>>
>>>> David
>>>>
>>>> On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>>>>> Hi all,
>>>>>
>>>>> I am hosting my project sources and binaries with some external
>>>>> provider. He cannot set up an SSL certificate for my domain name...
>>>>> Meanwhile, the only alternative is accept those SSL warnings about
>>>>> domain name mismatch. I am getting them in my browser and also in my
>> SVN
>>>>> client.
>>>>> Now I am trying to set up Maven to build and deploy my project to this
>>>>> provider. The problem is that I am getting these messages from Maven:
>>>>>
>>>>> <snip>
>>>>> [WARNING] repository metadata for: 'snapshot
>>>>> org.wirexn.build.extensions:wirexn-
>>>>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
>>>>> repository: s
>>>>> napshots@wirexn.net due to an error: Error transferring file
>>>>> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
>>>>> </snip>
>>>>>
>>>>> ...and the artifacts cannot be resolved (of course).
>>>>>
>>>>> I tried to see if this is a JRE specific problem. Downloaded a
>>>>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
>>>>> this error message:
>>>>>
>>>>> javax.net.ssl.SSLException: Name in certificate "his.domain.name" does
>>>>> not match host name " my.domain.name"
>>>>>
>>>>> Anyone knows about a hidden switch/option/configuration file to make
>> the
>>>>> JRE accept the SSL connection even if the host name doesn't match to
>>>>> that on the certificate?
>>>>>
>>>>> Please help,
>>>>> Adrian.
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>>>>> For additional commands, e-mail: users-help@maven.apache.org
>>>>>
>>>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>> For additional commands, e-mail: users-help@maven.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: [m2] SSL certificate name does not match
Posted by David Williams <dn...@gmail.com>.
Sorry it was late when I replied. = ) Here's the link
http://blogs.sun.com/andreas/entry/no_more_unable_to_find
On 10/11/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>
> Yeah... Where is the link :-)?
>
> I tried to play with the keytool program. I have imported the SSL
> certificate into my key store; this creates a file named .keystore in
> C:\Documents and Settings\me. I tried to run Maven and DAVExplorer;
> their behavior did not change :-(
>
> Now the weird things:
>
> 1. I have monitored the file access to the .keystore file. When I am
> running keytool -list the .keystore file is accessed (seems like my file
> monitoring program works). When I am running Maven or DAVExplorer, the
> .keystore file is not accessed at all!
> 2. Maven is able to upload files to my WebDAV server! If I am building
> all my modules locally, then I can run mvn deploy and the files are
> uploaded!!!
>
> Adrian.
>
> Tim Kettler wrote:
> > Where's the link :-)?
> >
> > David Williams schrieb:
> >> Adrian,
> >>
> >> This link may help you. This java program allows you to manually
> >> accept the
> >> cert and place the generated file in your JDK or JRE. Then the java
> >> keeps
> >> it as an accept cert. I have not tried this with Maven but it worked
> >> with
> >> another application where the cert didn't match the server name. Down
> >> side
> >> is that it would have to be on every user's machine.
> >>
> >> Thanks,
> >>
> >> David
> >>
> >> On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
> >>> Hi all,
> >>>
> >>> I am hosting my project sources and binaries with some external
> >>> provider. He cannot set up an SSL certificate for my domain name...
> >>> Meanwhile, the only alternative is accept those SSL warnings about
> >>> domain name mismatch. I am getting them in my browser and also in my
> SVN
> >>> client.
> >>> Now I am trying to set up Maven to build and deploy my project to this
> >>> provider. The problem is that I am getting these messages from Maven:
> >>>
> >>> <snip>
> >>> [WARNING] repository metadata for: 'snapshot
> >>> org.wirexn.build.extensions:wirexn-
> >>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
> >>> repository: s
> >>> napshots@wirexn.net due to an error: Error transferring file
> >>> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
> >>> </snip>
> >>>
> >>> ...and the artifacts cannot be resolved (of course).
> >>>
> >>> I tried to see if this is a JRE specific problem. Downloaded a
> >>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
> >>> this error message:
> >>>
> >>> javax.net.ssl.SSLException: Name in certificate "his.domain.name" does
> >>> not match host name " my.domain.name"
> >>>
> >>> Anyone knows about a hidden switch/option/configuration file to make
> the
> >>> JRE accept the SSL connection even if the host name doesn't match to
> >>> that on the certificate?
> >>>
> >>> Please help,
> >>> Adrian.
> >>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> >>> For additional commands, e-mail: users-help@maven.apache.org
> >>>
> >>>
> >>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>
Re: [m2] SSL certificate name does not match
Posted by Adrian Herscu <bm...@fastmail.fm>.
Yeah... Where is the link :-)?
I tried to play with the keytool program. I have imported the SSL
certificate into my key store; this creates a file named .keystore in
C:\Documents and Settings\me. I tried to run Maven and DAVExplorer;
their behavior did not change :-(
Now the weird things:
1. I have monitored the file access to the .keystore file. When I am
running keytool -list the .keystore file is accessed (seems like my file
monitoring program works). When I am running Maven or DAVExplorer, the
.keystore file is not accessed at all!
2. Maven is able to upload files to my WebDAV server! If I am building
all my modules locally, then I can run mvn deploy and the files are
uploaded!!!
Adrian.
Tim Kettler wrote:
> Where's the link :-)?
>
> David Williams schrieb:
>> Adrian,
>>
>> This link may help you. This java program allows you to manually
>> accept the
>> cert and place the generated file in your JDK or JRE. Then the java
>> keeps
>> it as an accept cert. I have not tried this with Maven but it worked
>> with
>> another application where the cert didn't match the server name. Down
>> side
>> is that it would have to be on every user's machine.
>>
>> Thanks,
>>
>> David
>>
>> On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>>> Hi all,
>>>
>>> I am hosting my project sources and binaries with some external
>>> provider. He cannot set up an SSL certificate for my domain name...
>>> Meanwhile, the only alternative is accept those SSL warnings about
>>> domain name mismatch. I am getting them in my browser and also in my SVN
>>> client.
>>> Now I am trying to set up Maven to build and deploy my project to this
>>> provider. The problem is that I am getting these messages from Maven:
>>>
>>> <snip>
>>> [WARNING] repository metadata for: 'snapshot
>>> org.wirexn.build.extensions:wirexn-
>>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
>>> repository: s
>>> napshots@wirexn.net due to an error: Error transferring file
>>> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
>>> </snip>
>>>
>>> ...and the artifacts cannot be resolved (of course).
>>>
>>> I tried to see if this is a JRE specific problem. Downloaded a
>>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
>>> this error message:
>>>
>>> javax.net.ssl.SSLException: Name in certificate "his.domain.name" does
>>> not match host name "my.domain.name"
>>>
>>> Anyone knows about a hidden switch/option/configuration file to make the
>>> JRE accept the SSL connection even if the host name doesn't match to
>>> that on the certificate?
>>>
>>> Please help,
>>> Adrian.
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>>> For additional commands, e-mail: users-help@maven.apache.org
>>>
>>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: [m2] SSL certificate name does not match
Posted by Tim Kettler <ti...@udo.edu>.
Where's the link :-)?
David Williams schrieb:
> Adrian,
>
> This link may help you. This java program allows you to manually accept the
> cert and place the generated file in your JDK or JRE. Then the java keeps
> it as an accept cert. I have not tried this with Maven but it worked with
> another application where the cert didn't match the server name. Down side
> is that it would have to be on every user's machine.
>
> Thanks,
>
> David
>
> On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>> Hi all,
>>
>> I am hosting my project sources and binaries with some external
>> provider. He cannot set up an SSL certificate for my domain name...
>> Meanwhile, the only alternative is accept those SSL warnings about
>> domain name mismatch. I am getting them in my browser and also in my SVN
>> client.
>> Now I am trying to set up Maven to build and deploy my project to this
>> provider. The problem is that I am getting these messages from Maven:
>>
>> <snip>
>> [WARNING] repository metadata for: 'snapshot
>> org.wirexn.build.extensions:wirexn-
>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
>> repository: s
>> napshots@wirexn.net due to an error: Error transferring file
>> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
>> </snip>
>>
>> ...and the artifacts cannot be resolved (of course).
>>
>> I tried to see if this is a JRE specific problem. Downloaded a
>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
>> this error message:
>>
>> javax.net.ssl.SSLException: Name in certificate "his.domain.name" does
>> not match host name "my.domain.name"
>>
>> Anyone knows about a hidden switch/option/configuration file to make the
>> JRE accept the SSL connection even if the host name doesn't match to
>> that on the certificate?
>>
>> Please help,
>> Adrian.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>> For additional commands, e-mail: users-help@maven.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: [m2] SSL certificate name does not match
Posted by David Williams <dn...@gmail.com>.
Adrian,
This link may help you. This java program allows you to manually accept the
cert and place the generated file in your JDK or JRE. Then the java keeps
it as an accept cert. I have not tried this with Maven but it worked with
another application where the cert didn't match the server name. Down side
is that it would have to be on every user's machine.
Thanks,
David
On 10/10/07, Adrian Herscu <bm...@fastmail.fm> wrote:
>
> Hi all,
>
> I am hosting my project sources and binaries with some external
> provider. He cannot set up an SSL certificate for my domain name...
> Meanwhile, the only alternative is accept those SSL warnings about
> domain name mismatch. I am getting them in my browser and also in my SVN
> client.
> Now I am trying to set up Maven to build and deploy my project to this
> provider. The problem is that I am getting these messages from Maven:
>
> <snip>
> [WARNING] repository metadata for: 'snapshot
> org.wirexn.build.extensions:wirexn-
> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
> repository: s
> napshots@wirexn.net due to an error: Error transferring file
> [INFO] Repository 'snapshots@wirexn.net' will be blacklisted
> </snip>
>
> ...and the artifacts cannot be resolved (of course).
>
> I tried to see if this is a JRE specific problem. Downloaded a
> Java-based WebDAV client (DAVExplorer), and it fails to connect with
> this error message:
>
> javax.net.ssl.SSLException: Name in certificate "his.domain.name" does
> not match host name "my.domain.name"
>
> Anyone knows about a hidden switch/option/configuration file to make the
> JRE accept the SSL connection even if the host name doesn't match to
> that on the certificate?
>
> Please help,
> Adrian.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>