You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Rupinder S. Gill (Jira)" <ji...@apache.org> on 2023/02/16 15:09:00 UTC

[jira] [Created] (MNG-7694) Maven 3.9.0 switched to HttpTransporter from WagonTransporter, breaking downloads from server using self-signed SSL-certs

Rupinder S. Gill created MNG-7694:
-------------------------------------

             Summary: Maven 3.9.0 switched to HttpTransporter from WagonTransporter, breaking downloads from server using self-signed SSL-certs
                 Key: MNG-7694
                 URL: https://issues.apache.org/jira/browse/MNG-7694
             Project: Maven
          Issue Type: Bug
          Components: Artifacts and Repositories
    Affects Versions: 3.9.0
         Environment: Bitbucket pipeline build using maven:3.9.0-eclipse-temurin-8 docker image.
            Reporter: Rupinder S. Gill


Our Bitbucket pipeline stopped working this morning, failing to download a plugin from our maven repository (Reposilite) that uses self-signed SSL-certificate.  We are passing "-Dmaven.http.ssl.insecure=true" option to mvn and all versions of maven up-to 3.8.7 work fine. 

Doing some digging with the -X option, we discovered that our pipeline was now using maven 3.9.0, which no longer uses WagonTransporter.  Instead, HttpTransporter is used, which is raising "SunCertPathBuilderException: unable to find valid certification path to requested target" exception (similar to what WagonTransporter would do without the "-Dmaven.http.ssl.insecure=true" option.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)