[
http://jira.codehaus.org/browse/MNG-3230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=152500#action_152500
]
sayler edited comment on MNG-3230 at 10/30/08 2:16 PM:
---------------------------------------------------------------
As a random voice from the ether, I'd like to second getting a better error
message out of Maven (eg tried to download, but SSL certificate was not trusted)
That being said, the following horrible one-liner fixes the problem on
Unix-like systems with JAVA_HOME set:
{noformat}
echo |openssl s_client -connect www.myrepository.tld:443 2>&1 |sed -ne '/-BEGIN
CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo keytool -import -trustcacerts -alias
"my maven" -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit
-noprompt
{noformat}
where www.myrepository.443 is the host:port of your repository and "my maven"
is a unique name in your keystore and changeit is the default keystore password.
was (Author: sayler):
As a random voice from the ether, I'd like to second getting a better error
message out of Maven (eg tried to download, but SSL certificate was not trusted)
That being said, the following horrible one-liner fixes the problem on
Unix-like systems with JAVA_HOME set:
echo |openssl s_client -connect www.myrepository.tld:443 2>&1 |sed -ne '/-BEGIN
CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo keytool -import -trustcacerts -alias
"my maven" -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit
-noprompt
where www.myrepository.443 is the host:port of your repository and "my maven"
is a unique name in your keystore and changeit is the default keystore password.
> HTTPS with self-signed certificate does not work, no error message.
> -------------------------------------------------------------------
>
> Key: MNG-3230
> URL: http://jira.codehaus.org/browse/MNG-3230
> Project: Maven 2
> Issue Type: Bug
> Components: Artifacts and Repositories
> Affects Versions: 2.0.7
> Reporter: Andreas Krüger
> Fix For: 2.0.x
>
>
> We have a repository server that serves the same files both via HTTPS and
> HTTP.
> Maven is not able to find artifacts when using HTTPS. All goes well when
> using HTTP.
> The problem probably is that the HTTPS - certificate used by the repository
> server is self-signed, and Maven has not been configured to accept that
> certificate as genuine. (This is a guess.)
> Expected behavior: With HTTPS, build does not continue. Maven gives an error
> message indicating the problem is certificate-related.
> Behavior seen: Maven reacts as if there were no problem connecting the
> repository, but as if the artifact were missing from the repository. It
> continues to search other repositories as happen to be configured. (However,
> the artifact is clearly there, e.g., can be downloaded with "wget
> --no-check-certificate " via HTTPS.)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
