You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Matthew Sayler (JIRA)" <ji...@codehaus.org> on 2008/10/30 20:17:51 UTC
[jira] Issue Comment Edited: (MNG-3230) HTTPS with self-signed
certificate does not work, no error message.
[ http://jira.codehaus.org/browse/MNG-3230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=152500#action_152500 ]
sayler edited comment on MNG-3230 at 10/30/08 2:16 PM:
---------------------------------------------------------------
As a random voice from the ether, I'd like to second getting a better error message out of Maven (eg tried to download, but SSL certificate was not trusted)
That being said, the following horrible one-liner fixes the problem on Unix-like systems with JAVA_HOME set:
{noformat}
echo |openssl s_client -connect www.myrepository.tld:443 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo keytool -import -trustcacerts -alias "my maven" -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
{noformat}
where www.myrepository.443 is the host:port of your repository and "my maven" is a unique name in your keystore and changeit is the default keystore password.
was (Author: sayler):
As a random voice from the ether, I'd like to second getting a better error message out of Maven (eg tried to download, but SSL certificate was not trusted)
That being said, the following horrible one-liner fixes the problem on Unix-like systems with JAVA_HOME set:
echo |openssl s_client -connect www.myrepository.tld:443 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo keytool -import -trustcacerts -alias "my maven" -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
where www.myrepository.443 is the host:port of your repository and "my maven" is a unique name in your keystore and changeit is the default keystore password.
> HTTPS with self-signed certificate does not work, no error message.
> -------------------------------------------------------------------
>
> Key: MNG-3230
> URL: http://jira.codehaus.org/browse/MNG-3230
> Project: Maven 2
> Issue Type: Bug
> Components: Artifacts and Repositories
> Affects Versions: 2.0.7
> Reporter: Andreas Krüger
> Fix For: 2.0.x
>
>
> We have a repository server that serves the same files both via HTTPS and HTTP.
> Maven is not able to find artifacts when using HTTPS. All goes well when using HTTP.
> The problem probably is that the HTTPS - certificate used by the repository server is self-signed, and Maven has not been configured to accept that certificate as genuine. (This is a guess.)
> Expected behavior: With HTTPS, build does not continue. Maven gives an error message indicating the problem is certificate-related.
> Behavior seen: Maven reacts as if there were no problem connecting the repository, but as if the artifact were missing from the repository. It continues to search other repositories as happen to be configured. (However, the artifact is clearly there, e.g., can be downloaded with "wget --no-check-certificate " via HTTPS.)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira