You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Rupinder S. Gill (Jira)" <ji...@apache.org> on 2023/02/16 15:09:00 UTC
[jira] [Created] (MNG-7694) Maven 3.9.0 switched to HttpTransporter from WagonTransporter, breaking downloads from server using self-signed SSL-certs
Rupinder S. Gill created MNG-7694:
-------------------------------------
Summary: Maven 3.9.0 switched to HttpTransporter from WagonTransporter, breaking downloads from server using self-signed SSL-certs
Key: MNG-7694
URL: https://issues.apache.org/jira/browse/MNG-7694
Project: Maven
Issue Type: Bug
Components: Artifacts and Repositories
Affects Versions: 3.9.0
Environment: Bitbucket pipeline build using maven:3.9.0-eclipse-temurin-8 docker image.
Reporter: Rupinder S. Gill
Our Bitbucket pipeline stopped working this morning, failing to download a plugin from our maven repository (Reposilite) that uses self-signed SSL-certificate. We are passing "-Dmaven.http.ssl.insecure=true" option to mvn and all versions of maven up-to 3.8.7 work fine.
Doing some digging with the -X option, we discovered that our pipeline was now using maven 3.9.0, which no longer uses WagonTransporter. Instead, HttpTransporter is used, which is raising "SunCertPathBuilderException: unable to find valid certification path to requested target" exception (similar to what WagonTransporter would do without the "-Dmaven.http.ssl.insecure=true" option.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)