Hi,
may be i miss a thing but wagon can be configured outside of maven via
extensions ...
<project>
...
<build>
<extensions>
<extension>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon</artifactId>
<version>2.7</version>
</extension>
</extensions>
</build>
...
</project>
shouldn't that work too?
Kind regards
Karl Heinz Marbaise
On 11/2/14 7:53 PM, Jeroen Hoek wrote:
Some further research on my part shows that a simple connection test
using HttpComponents httpclient 4.3.5 does work, but that the version
of httpclient used in Wagon 2.6 (httpclient 4.3.1) fails. Apparently
the newer version of httpclient fixes the problem I ran into, although
I do not know what the problem is exactly.
For completeness sake: the simple connection test with httpclient 4.3.5 I used:
https://gist.github.com/jdhoek/192a965fc63f459b2bee
As it turns out, Wagon 2.7 already uses httpclient 4.3.5. A custom
build of Maven 3.2.3 with the Wagon dependency set to 2.7 works!
When will a version of Maven 3.2.x built with Wagon 2.7 be released?
Is something blocking Maven from depending on Wagon 2.7?
2014-10-29 16:14 GMT+01:00 Jeroen Hoek <[email protected]>:
Hello,
I am trying to get Maven (3.2.2) to work with an instance of Archiva
hosted behind a webserver secured with client-side SSL certificates.
I have followed the guide at
https://maven.apache.org/guides/mini/guide-repository-ssl.html, and
imported the server-side SSL certificate into a Java .jks file. The
client-side certificate is a PKCS12 file, which works correctly in
Firefox and Chromium.
I have a simple project that depends on an artifact hosted on my
Archiva server. When client-side SSL verification is disabled on the
server, `mvn clean install` works as expected, and the dependency is
downloaded.
But it doesn't work when I activate client-side SSL verification, and
try the following command:
mvn clean install -Djavax.net.debug=ssl
-Djavax.net.ssl.trustStore=PATH_TO_TRUSTDB.jks
-Djavax.net.ssl.trustStorePassword=****************
-Djavax.net.ssl.keyStore=PATH_TO_MY_CERT.p12
-Djavax.net.ssl.keyStoreType=pkcs12
-Djavax.net.ssl.keyStorePassword=****************
From what I can see in the output, my .p12 file is read by Maven at
the start, as is the trust-store, but it fails to complete requests to
the Archiva server, although TLS handshaking appears to work, so the
server-side certificate is trusted and accepted. The server throws the
"400: No required SSL certificate was sent" error message you get when
trying to talk to it without a client-side SSL certificate installed.
In the server log I am indeed seeing HTTP GET requests from Maven
without any client-side SSL certificate, whereas GETs by a browser do
show access with the valid certificate there.
Any idea why Maven isn't using the client-side SSL certificate passed
via -Djavax.net.ssl.keyStoreType? Is there some configuration option I
am overlooking?
Kind regards,
Jeroen Hoek
Lable
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
