You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Jason Mihalick <oo...@embarqmail.com> on 2007/10/23 18:21:02 UTC
release:prepare failure during scm-tag : Server certificate
verification failed: issuer is not trusted
I've been searching the groups, the web, and the doc and I've not been able
to find a solution to this. Any help you can offer is much appreciated.
I have successfully executed half of a release:prepare. The version numbers
in my all of my POMs were successfully updated and maven successfully
committed them to my scm repository. We are using subversion over https.
I've added the SSL certificate for the site to my keystore (at both the JVM
level and in a .keystore in my home directory). I have also checked that
the fingerprint for the cert was added to
~/.subversion/auth/svn.ssl.server. The release:prepare is failing with
this error when it attempts to create the tag for the release:
[INFO] [release:prepare]
[INFO] Resuming release from phase 'scm-tag'
[INFO] Tagging release with the label datamanager-1.0...
[INFO] Executing: svn --non-interactive copy --file
/tmp/maven-scm-2112306694.commit .
https://www.<domain-ommitted>.com/svn/tags/<dir-ommitted>/datamanager-1.0
[INFO] Working directory: /Users/jason/projects/DataManager-trunk
[INFO]
------------------------------------------------------------------------
[ERROR] BUILD FAILURE
[INFO]
------------------------------------------------------------------------
[INFO] Unable to tag SCM
Provider message:
The svn tag command failed.
Command output:
svn: PROPFIND request failed on '/svn/tags/<dir-ommitted>/datamanager-1.0'
svn: PROPFIND of '/svn/tags/<dir-ommitted>/datamanager-1.0': Server
certificate verification failed: issuer is not trusted
(https://www.<domain-ommitted>.com)
Why would the commit to the same SCM succeed, while the tag operation fails
with this error? I'm baffled.
Thanks for the help,
Jason
--
View this message in context: http://www.nabble.com/release%3Aprepare-failure-during-scm-tag-%3A---Server-certificate-verification-failed%3A-issuer-is-not-trusted-tf4678454s177.html#a13367420
Sent from the Maven - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: release:prepare failure during scm-tag : Server certificate verification failed: issuer is not trusted
Posted by Rémy Sanlaville <re...@gmail.com>.
Jason, I am happy to see that you solved your problem and it's nice from you
that you explained how to do it.
Graham, it's nice to know how Subclipse works especially to handling
credentials.
But as Jason mentioned, it's strange that the maven release plugin is able
to execute a commit but not a tag.
BTW, I find that it's a shame that we have to do svn log and ssh (for
instance with scp or sftp protocol) in order to handle credentials before
using the maven release plugin. It would be nice to be able to accept the
credential during the maven release plugin execution but it's not the case
for the moment and the execution is waiting, waiting (with scp or sftp
protocol) and you can do anything apart from killing the process...
Rémy
Re: release:prepare failure during scm-tag : Server certificate
verification failed: issuer is not trusted
Posted by Jason Mihalick <oo...@embarqmail.com>.
Thanks for the info Graham. That does make some sense. However, do you have
any ideas why the maven release plugin would be able to execute the commit
of the release POMs to the trunk prior to tagging? I can't figure that one
out, unless I've somehow misinterpreted the sequence of events that lead up
to this problem.
Best regards,
Jason
Graham Leggett wrote:
>
> On Fri, October 26, 2007 2:16 pm, Jason Mihalick wrote:
>
>> It seems as though the credentials that were cached by subclipse when I
>> did
>> the initial checkout of the sources were able to be used by maven when
>> committing my release to the trunk, but not when doing the tag. Why this
>> is
>> the case, I don't know.
>
> Subclipse (to my knowledge), uses a pure Java implementation of subversion
> in order to work. As I understand it, this pure Java client[1] has its own
> mechanism to handling credentials.
>
> Maven's scm handling calls the svn binary directly, which then uses a
> different mechanism for caching credentials. I suspect this is why your
> behaviour in subclipse doesn't follow on from the behaviour of the svn
> client.
>
> [1] The pure Java svn client was written to solve the painful issue of
> having to fiddle around with platform specific issues when trying to
> execute the svn native binary.
>
> Regards,
> Graham
> --
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/release%3Aprepare-failure-during-scm-tag-%3A---Server-certificate-verification-failed%3A-issuer-is-not-trusted-tf4678454s177.html#a13428128
Sent from the Maven - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: release:prepare failure during scm-tag : Server certificate
verification failed: issuer is not trusted
Posted by Graham Leggett <mi...@sharp.fm>.
On Fri, October 26, 2007 2:16 pm, Jason Mihalick wrote:
> It seems as though the credentials that were cached by subclipse when I
> did
> the initial checkout of the sources were able to be used by maven when
> committing my release to the trunk, but not when doing the tag. Why this
> is
> the case, I don't know.
Subclipse (to my knowledge), uses a pure Java implementation of subversion
in order to work. As I understand it, this pure Java client[1] has its own
mechanism to handling credentials.
Maven's scm handling calls the svn binary directly, which then uses a
different mechanism for caching credentials. I suspect this is why your
behaviour in subclipse doesn't follow on from the behaviour of the svn
client.
[1] The pure Java svn client was written to solve the painful issue of
having to fiddle around with platform specific issues when trying to
execute the svn native binary.
Regards,
Graham
--
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: release:prepare failure during scm-tag : Server certificate
verification failed: issuer is not trusted
Posted by Jason Mihalick <oo...@embarqmail.com>.
Thanks for the help Rémy. Although your suggestion wasn't the nature of our
specific problem, I did end up getting this working after some more
searching on Google. What is bothering me, though, is that I still don't
know exactly why there was a problem in the first place. Here is what
ended up working for me.
Background:
My sources were initially checked out using using the subclipse plugin in
eclipse. After I checked them out, I executed the 'mvn release:prepare'
command, which was successful up to the point of creating the release tag as
I have mentioned previously.
Solution:
After reading your response and doing some more searching on Google, I found
http://64.233.167.104/search?q=cache:c-eapRRo1_gJ:docs.codehaus.org/display/MAVENUSER/MavenAndSourceforge+%2522issuer+is+not+trusted%2522+svn&hl=en&ct=clnk&cd=25&gl=us&client=safari
this page on one of the codehaus wiki's. Their suggestion upon receiving
the "Server certificate verification failed: issuer is not trusted" was to
execute an 'svn log' command from the command line to force authentication
with the webserver. Sure enough, when I did that, the svn command line
client prompted me for my credentials and cached them. After that upon
executing an 'mvn release:prepare' maven was able to resume the release and
it was able to complete the tag operation.
It seems as though the credentials that were cached by subclipse when I did
the initial checkout of the sources were able to be used by maven when
committing my release to the trunk, but not when doing the tag. Why this is
the case, I don't know. Perhaps someone else can shed some light, but I've
had to file this as a UFO (Unexplained Funny Occurrence) and move on. sigh.
Thanks again for the help.
--
Jason
Rémy Sanlaville wrote:
>
> Hi Jason,
>
> Not sure, but if you can access to your svn repo with different URLs (
> https://www.<domain-ommitted>.com and http://www.<domain-ommitted>.com for
> instance) it's possible that you made a checkout via one URL
> (http://www.<domain-ommitted>.com
> for instance) and maven-release-plugin try with another URL specify in the
> scm section of your pom (https://www.<domain-ommitted>.com for instance).
>
> We had a such of problem with one of our project and maven-release-plugin
> could also commit but not tag.
>
> I am not sure for the explanation but maven-release-plugin uses the svn
> client install in your computer.
> For the commit, it uses all the information in your .svn
> For the tag, it seems that it indicates the URL of the tags (specify in
> the
> scm section of your pom) but in your .svn the URL is different and the
> certificate is linked only with the checkout URL.
>
> HTH,
>
> Rémy
>
>
--
View this message in context: http://www.nabble.com/release%3Aprepare-failure-during-scm-tag-%3A---Server-certificate-verification-failed%3A-issuer-is-not-trusted-tf4678454s177.html#a13425936
Sent from the Maven - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: release:prepare failure during scm-tag : Server certificate verification failed: issuer is not trusted
Posted by Rémy Sanlaville <re...@gmail.com>.
Hi Jason,
Not sure, but if you can access to your svn repo with different URLs (
https://www.<domain-ommitted>.com and http://www.<domain-ommitted>.com for
instance) it's possible that you made a checkout via one URL
(http://www.<domain-ommitted>.com
for instance) and maven-release-plugin try with another URL specify in the
scm section of your pom (https://www.<domain-ommitted>.com for instance).
We had a such of problem with one of our project and maven-release-plugin
could also commit but not tag.
I am not sure for the explanation but maven-release-plugin uses the svn
client install in your computer.
For the commit, it uses all the information in your .svn
For the tag, it seems that it indicates the URL of the tags (specify in the
scm section of your pom) but in your .svn the URL is different and the
certificate is linked only with the checkout URL.
HTH,
Rémy
Re: release:prepare failure during scm-tag : Server certificate
verification failed: issuer is not trusted
Posted by Jason Mihalick <oo...@embarqmail.com>.
Anyone have any ideas on why this would happen? Any help is appreciated.
Thanks.
--
Jason
Jason Mihalick wrote:
>
> I've been searching the groups, the web, and the doc and I've not been
> able to find a solution to this. Any help you can offer is much
> appreciated.
>
> I have successfully executed half of a release:prepare. The version
> numbers in my all of my POMs were successfully updated and maven
> successfully committed them to my scm repository. We are using subversion
> over https. I've added the SSL certificate for the site to my keystore
> (at both the JVM level and in a .keystore in my home directory). I have
> also checked that the fingerprint for the cert was added to
> ~/.subversion/auth/svn.ssl.server. The release:prepare is failing with
> this error when it attempts to create the tag for the release:
>
> [INFO] [release:prepare]
> [INFO] Resuming release from phase 'scm-tag'
> [INFO] Tagging release with the label datamanager-1.0...
> [INFO] Executing: svn --non-interactive copy --file
> /tmp/maven-scm-2112306694.commit .
> https://www.<domain-ommitted>.com/svn/tags/<dir-ommitted>/datamanager-1.0
> [INFO] Working directory: /Users/jason/projects/DataManager-trunk
> [INFO]
> ------------------------------------------------------------------------
> [ERROR] BUILD FAILURE
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Unable to tag SCM
> Provider message:
> The svn tag command failed.
> Command output:
> svn: PROPFIND request failed on '/svn/tags/<dir-ommitted>/datamanager-1.0'
> svn: PROPFIND of '/svn/tags/<dir-ommitted>/datamanager-1.0': Server
> certificate verification failed: issuer is not trusted
> (https://www.<domain-ommitted>.com)
>
> Why would the commit to the same SCM succeed, while the tag operation
> fails with this error? I'm baffled.
>
> Thanks for the help,
> Jason
>
--
View this message in context: http://www.nabble.com/release%3Aprepare-failure-during-scm-tag-%3A---Server-certificate-verification-failed%3A-issuer-is-not-trusted-tf4678454s177.html#a13394158
Sent from the Maven - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org