Configure Maven to Skip SSL Certificate Verification

From NovaOrdis Knowledge Base
Revision as of 10:05, 9 December 2017 by Ovidiu (talk | contribs) (→‎Overview)
Jump to navigation Jump to search

External

Internal

Overview

If maven is configured to download dependencies from a HTTPS repository that uses self-signed certificates, it fails with:

mvn clean install
Downloading: https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public/org/apache/maven/plugins/maven-source-plugin/maven-metadata.xml
[WARNING] Could not transfer metadata org.apache.maven.plugins:maven-source-plugin/maven-metadata.xml from/to nexus \
(https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public/): sun.security.validator.ValidatorException: \
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


with a repository that is uses self-signed certificates

Set the appropriate system property in command line:

-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true