Schlagwörter: bash Kommentarverlauf ein-/ausschalten | Tastaturkürzel

  • Andreas Höhmann 14:39 am Tuesday, 17. November 2009 Permalink |
    Tags: , bash, , , , , self signed, ssl   

    Maven https repository with self-signed ssl certificate 

    For a private project I try to use nexus behind apache and ssl. I used a self-signed certificate.

    But each nexus repository request ends with a security exception:

    [WARNING] repository metadata for: 'artifact org.apache.maven.plugins:maven-enforcer-plugin' could not be retrieved from repository: nexus-plugin-releases due to an error: Error transferring file: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    I found many site for that problem and they describe always the same solution

    import the self signed cert in your local truststore!

    … here are the steps:

    1. download the certificate
    2. create a local truststore and import the certificat
    3. call maven with the correct security properties

    The import is simple  (java keytool):

    keytool.exe -importcert
                -alias nexus-xxx
                -keystore xxx.jks
                -storepass secret
                -file xxx.crt

    For maven I’m using a cygwin bash alias:

    alias mvn_xxx='/cygdrive/d/maven-2.2.1/bin/mvn
    -gs "d:/maven-2.2.1/conf/settings-xxx.xml"
    -s "d:/maven-2.2.1/conf/settings-xxx.xml"
    -Djavax.net.ssl.trustStore=d:/maven-2.2.1/conf/xxx.jks
    -Djavax.net.ssl.trustStorePassword=secret'

    I point the global config  (-gs) and the personal config (-s) to the same file to ignore other configuration from my default maven config file (i.e. common mirros settings / repositories etc.).

    And at least here is my complete maven setting-nexus settings:

    <?xml version="1.0" encoding="UTF-8"?>
    <settings xmlns="http://maven.apache.org/settings/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
    
      <localRepository>D:\maven-repository-xxx</localRepository>
    
      <mirrors>
        <mirror>
          <id>xxx-nexus-snapshots</id>
          <mirrorOf>nexus-snapshots</mirrorOf>
          <url>https://nexus.xxx.com/content/groups/public-snapshots/</url>
        </mirror>
        <mirror>
          <id>xxx-nexus-snapshots</id>
          <mirrorOf>nexus-plugin-snapshots</mirrorOf>
          <url>https://nexus.xxx.com/content/groups/public-snapshots/</url>
        </mirror>
        <mirror>
          <id>xxx-nexus-releases</id>
          <mirrorOf>nexus-releases</mirrorOf>
          <url>https://nexus.xxx.com/content/groups/public/</url>
        </mirror>
        <mirror>
          <id>xxx-nexus-releases</id>
          <mirrorOf>nexus-plugin-releases</mirrorOf>
          <url>https://nexus.xxx.com/content/groups/public/</url>
        </mirror>
        <mirror>
          <id>xxx-nexus-releases</id>
          <mirrorOf>*</mirrorOf>
          <url>https://nexus.xxx.com/content/groups/public/</url>
        </mirror>
      </mirrors>
    
      <profiles>
        <profile>
          <id>xxx-nexus-mirror</id>
          <activation>
            <activeByDefault>true</activeByDefault>
          </activation>
          <repositories>
            <repository>
              <id>nexus-releases</id>
              <url>http://foobar</url>
              <releases>
                <enabled>true</enabled>
              </releases>
              <snapshots>
                <enabled>false</enabled>
              </snapshots>
            </repository>
            <repository>
              <id>nexus-snapshots</id>
              <url>http://foobar</url>
              <releases>
                <enabled>false</enabled>
              </releases>
              <snapshots>
                <enabled>true</enabled>
              </snapshots>
            </repository>
          </repositories>
          <pluginRepositories>
            <pluginRepository>
              <id>nexus-plugin-releases</id>
              <url>http://foobar</url>
              <releases>
                <enabled>true</enabled>
              </releases>
              <snapshots>
                <enabled>false</enabled>
              </snapshots>
            </pluginRepository>
            <pluginRepository>
              <id>nexus-plugin-snapshots</id>
              <url>http://foobar</url>
              <releases>
                <enabled>false</enabled>
              </releases>
              <snapshots>
                <enabled>true</enabled>
              </snapshots>
            </pluginRepository>
          </pluginRepositories>
        </profile>
      </profiles>
    
      <servers>
        <server>
          <id>xxx-nexus-releases</id>
          <username>foo</username>
          <password>bar</password>
        </server>
        <server>
          <id>xxx-nexus-snapshots</id>
          <username>foo</username>
          <password>bar</password>
        </server>
      </servers>
    
    </settings>
    

    You can replace xxx with your personal domain-alias.

    Advertisements
     
    • rherrick 21:00 am Dienstag, 31. August 2010 Permalink | Zum Antworten anmelden

      Very helpful post, thanks for taking the time to document this!

      I streamlined the command a little bit by setting MAVEN_OPTS to hold the -Dxxx options. So you would then have:

      MAVEN_OPTS=-Djavax.net.ssl.trustStore=d:/maven-2.2.1/conf/xxx.jks -Djavax.net.ssl.trustStorePassword=secret

      And you could run the command like this:

      mvn -gs xxx -s xxx clean install

    • joltcan 21:02 am Sonntag, 10. Februar 2013 Permalink | Zum Antworten anmelden

      Thank you so much, the keystore tip saved my dat!

  • Andreas Höhmann 15:57 am Monday, 2. November 2009 Permalink |
    Tags: , bash, , function, java rebel, jrebel,   

    Toggle jrebel with a cygwin bash function and maven 

    I’m using java rebel for web development with maven.

    Sometimes I would run jetty with jrebel sometimes without.

    For that I’m using two simple bash functions:

    # ~/.bashrc
    
    #
    # Maven options
    #
    export INTERNAL_MAVEN_OPTS="-Xmx512m -XX:PermSize=128m -XX:MaxPermSize=128m"
    
    #
    # Java Rebel
    #
    export JAVA_REBEL="-Drebel.spring_plugin=true -noverify -javaagent:D:/tools/javarebel/jrebel.jar -Drebel.packages=de.ahoehma"
    
    function jrebel_on() {
     export MAVEN_OPTS="$INTERNAL_MAVEN_OPTS $JAVA_REBEL"
    }
    
    function jrebel_off() {
     export MAVEN_OPTS="$INTERNAL_MAVEN_OPTS"
    }
    

    Now its very simple to enable

    $ jrebel_on
    

    or disable jrebel

    $ jrebel_off
    
     
c
Neuen Beitrag erstellen
j
nächster Beitrag/nächster Kommentar
k
vorheriger Beitrag/vorheriger Kommentar
r
Antworten
e
Bearbeiten
o
zeige/verstecke Kommentare
t
Zum Anfang gehen
l
zum Login
h
Zeige/Verberge Hilfe
Shift + ESC
Abbrechen