You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Gili (JIRA)" <ji...@codehaus.org> on 2013/01/15 20:41:15 UTC

[jira] (MNG-5363) Regression for SSLv3

    [ https://jira.codehaus.org/browse/MNG-5363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=317374#comment-317374 ] 

Gili commented on MNG-5363:
---------------------------

Is the "component" on this bug report correct? Shouldn't this be fixed against Maven core or the release plugin?
                
> Regression for SSLv3
> --------------------
>
>                 Key: MNG-5363
>                 URL: https://jira.codehaus.org/browse/MNG-5363
>             Project: Maven 2 & 3
>          Issue Type: Bug
>          Components: Errors
>    Affects Versions: 3.0.4
>         Environment: Operation system independent, but tested on Macbook Pro with 10.6 and Red Hat Enterprise Linux 6 on a virtual machine.
>            Reporter: James Kionka
>
> When attempting to access a Maven repository which uses SSLv3, you get the following error, "javax.net.ssl.SSLException: Received fatal alert: bad_record_mac".
> Earlier versions of Maven used java.net.URLConnection which respects the https.protocols system property. This allowed us to set it to SSLv3, which is what our Maven repository uses. However, HttpClient ignores that property. In other situations, we programmatically tell HttpClient to use SSLv3, which we cannot do from our end.
> You can find another person in the same situation here: http://stackoverflow.com/questions/12787657/received-fatal-alert-bad-record-mac-when-deploying-to-sonatype

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira