This is more of a Java question than a Maven question at this point. Maven uses Java to validate certificates as a part of channel security. If you don't want channel security, don't use SSL ;)
I don't have enough Windoze foo to help you past this point, maybe someone else on the list does. But you shouldn't have had these problems if you read those google results closely enough and I bet you can solve it yourself before someone else were to respond... Good luck! On Sep 22, 2012, at 9:12 PM, David Hoffer <[email protected]> wrote: > Thanks, I thought sure that was going to fix it...but after that change I > still get this: > > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.3.2:prepare (default-cli) > on project dhs-commons: Unable to tag SCM > [ERROR] Provider message: > [ERROR] The svn tag command failed. > [ERROR] Command output: > [ERROR] svn: E175002: Unable to connect to a repository at URL ' > https://server1/svn/app-commons/trunk' > [ERROR] svn: E175002: OPTIONS of 'https://server1/svn/app-commons/trunk': > Server certificate verification failed: issuer is not trusted ( > https://server1) > [ERROR] -> [Help 1] > > Where I have put server1 in my hosts file to point to the actual IP on the > LAN, e.g 192.168.0.xxx. Now the error message seems to indicate it found > the cert...but it's not considered valid?? > > I use TortiseSVN to connect to this same SVN all day long...why can't maven? > > -Dave > > > > > > On Sat, Sep 22, 2012 at 6:50 PM, Brian Topping <[email protected]> wrote: > >> Ah. The -keystore parameter should point to your cacerts file that is >> buried somewhere in C:\Program Files\Java\jdk1.7.0_06\jre. >> >> On Sep 22, 2012, at 8:34 PM, David Hoffer <[email protected]> wrote: >> >>> Yeah, I had done the mvn -version to find what Java to add it to but that >>> didn't work so I added it to others too. Here is the results of that: >>> >>> Apache Maven 3.0.4 (r1232337; 2012-01-17 01:44:56-0700) >>> Maven home: C:\Program Files (x86)\Maven\apache-maven-3.0.4 >>> Java version: 1.7.0_06, vendor: Oracle Corporation >>> Java home: C:\Program Files\Java\jdk1.7.0_06\jre >>> Default locale: en_US, platform encoding: Cp1252 >>> OS name: "windows 7", version: "6.1", arch: "amd64", family: "windows" >>> >>> And here is my command line to add the cert: >>> C:\Program Files\Java\jdk1.7.0_06\jre\bin>keytool -import -keystore >>> server1cert -file c:/server1cert.cer >>> >>> What I'm I missing here? >>> >>> -Dave >>> >>> >>> On Sat, Sep 22, 2012 at 6:15 PM, Brian Topping <[email protected]> >> wrote: >>> >>>> Dave, I think I'd attack the latter issue first. You have to know which >>>> cacerts file is getting hit, otherwise it's no different than not >> adding it >>>> at all. "mvn -version" will tell you what Java home it's using, that >>>> should help you find the proper cacerts file. Be careful to add it to >> the >>>> JRE and not the JDK version of cacerts. >>>> >>>> I have no ideas about anything from Redmond, but if it's PEM-encoded, it >>>> should slurp right in. IIRC, naming the alias of the cert to your FQDN >>>> really only helps with wetware management. >>>> >>>> On Sep 22, 2012, at 7:53 PM, David Hoffer <[email protected]> wrote: >>>> >>>>> Hum, I'm having trouble getting this to work. I generated the self >>>> signed >>>>> cert on the server using IIS and then on the client ran this command: >>>>> >>>>> keytool -import -keystore server1cert -file c:/server1cert.cer >>>>> >>>>> It says it imported it fine but I still get the same error using the >>>> maven >>>>> release plugin. I thought it might be because the cert has the server >>>> name >>>>> not the IP as the CN entry so I changed the maven pom to use the server >>>>> name (in the SCM URL) instead but that didn't fix the problem not just >>>>> complains using the server name instead of the IP in the connection >> URL. >>>>> >>>>> Also I do have lots of Java versions (jre & jdk) and wasn't positive >>>> which >>>>> was used by maven so I added it to several...didn't help. >>>>> >>>>> What am I missing? >>>>> >>>>> -Dave >>>>> >>>>> On Sat, Sep 22, 2012 at 3:53 PM, Brian Topping <[email protected]> >>>> wrote: >>>>> >>>>>> Hi David, >>>>>> >>>>>> It looks like you have an unsigned SSL certificate on your SVN server. >>>> So >>>>>> you need to install the certificate in the Java keystore of hosts that >>>> need >>>>>> to run the release plugin. There are a lot of examples of this on the >>>> net >>>>>> already, just google for "install unsigned cert java" or whatnot. >>>>>> >>>>>> Cheers, Brian >>>>>> >>>>>> On Sep 22, 2012, at 5:19 PM, David Hoffer <[email protected]> wrote: >>>>>> >>>>>>> I'm getting the following error while performing the release:prepare >>>>>> goal. >>>>>>> >>>>>>> [ERROR] Failed to execute goal >>>>>>> org.apache.maven.plugins:maven-release-plugin:2.3.2:prepare >>>>>>> (default-cli) on project app-commons: Unable to tag SCM >>>>>>> [ERROR] Provider message: >>>>>>> [ERROR] The svn tag command failed. >>>>>>> [ERROR] Command output: >>>>>>> [ERROR] svn: E175002: Unable to connect to a repository at URL >>>>>>> 'https://hostname/svn/app-commons/trunk' >>>>>>> [ERROR] svn: E175002: OPTIONS of >>>>>>> 'https://hostname/svn/app-commons/trunk': Server certificate >>>>>>> verification failed: certificate issued for a different hostname, >>>>>>> issuer is not trusted (https://hostname) >>>>>>> [ERROR] -> [Help 1] >>>>>>> >>>>>>> I'm on Windows, local network, Maven 3.0.4. How can I resolve this? >>>>>>> >>>>>>> Thanks, >>>>>>> -Dave >>>>>>> >>>>>>> --------------------------------------------------------------------- >>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>> For additional commands, e-mail: [email protected] >>>>>>> >>>>>> >>>>>> >>>>>> --------------------------------------------------------------------- >>>>>> To unsubscribe, e-mail: [email protected] >>>>>> For additional commands, e-mail: [email protected] >>>>>> >>>>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>> >>>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
