Hello Karl, Are you sure it is possible to override the Wagon version used by Maven internally? (As opposed to the Wagon provider configured to deploy artefacts.)
It does not seem to work for me. Artefact "wagon" won't resolve, and when I use "wagon-http" it does not change the behaviour of Maven; the SSL certificate is not passed to the server. 2014-11-02 20:02 GMT+01:00 Karl Heinz Marbaise <[email protected]>: > Hi, > > may be i miss a thing but wagon can be configured outside of maven via > extensions ... > > <project> > ... > <build> > <extensions> > <extension> > <groupId>org.apache.maven.wagon</groupId> > <artifactId>wagon</artifactId> > <version>2.7</version> > </extension> > </extensions> > </build> > ... > </project> > > > shouldn't that work too? > > > Kind regards > Karl Heinz Marbaise > > > On 11/2/14 7:53 PM, Jeroen Hoek wrote: >> >> Some further research on my part shows that a simple connection test >> using HttpComponents httpclient 4.3.5 does work, but that the version >> of httpclient used in Wagon 2.6 (httpclient 4.3.1) fails. Apparently >> the newer version of httpclient fixes the problem I ran into, although >> I do not know what the problem is exactly. >> >> For completeness sake: the simple connection test with httpclient 4.3.5 I >> used: >> https://gist.github.com/jdhoek/192a965fc63f459b2bee >> >> As it turns out, Wagon 2.7 already uses httpclient 4.3.5. A custom >> build of Maven 3.2.3 with the Wagon dependency set to 2.7 works! >> >> When will a version of Maven 3.2.x built with Wagon 2.7 be released? >> >> Is something blocking Maven from depending on Wagon 2.7? >> >> 2014-10-29 16:14 GMT+01:00 Jeroen Hoek <[email protected]>: >>> >>> Hello, >>> >>> I am trying to get Maven (3.2.2) to work with an instance of Archiva >>> hosted behind a webserver secured with client-side SSL certificates. >>> >>> I have followed the guide at >>> https://maven.apache.org/guides/mini/guide-repository-ssl.html, and >>> imported the server-side SSL certificate into a Java .jks file. The >>> client-side certificate is a PKCS12 file, which works correctly in >>> Firefox and Chromium. >>> >>> I have a simple project that depends on an artifact hosted on my >>> Archiva server. When client-side SSL verification is disabled on the >>> server, `mvn clean install` works as expected, and the dependency is >>> downloaded. >>> >>> But it doesn't work when I activate client-side SSL verification, and >>> try the following command: >>> >>> mvn clean install -Djavax.net.debug=ssl >>> -Djavax.net.ssl.trustStore=PATH_TO_TRUSTDB.jks >>> -Djavax.net.ssl.trustStorePassword=**************** >>> -Djavax.net.ssl.keyStore=PATH_TO_MY_CERT.p12 >>> -Djavax.net.ssl.keyStoreType=pkcs12 >>> -Djavax.net.ssl.keyStorePassword=**************** >>> >>> From what I can see in the output, my .p12 file is read by Maven at >>> the start, as is the trust-store, but it fails to complete requests to >>> the Archiva server, although TLS handshaking appears to work, so the >>> server-side certificate is trusted and accepted. The server throws the >>> "400: No required SSL certificate was sent" error message you get when >>> trying to talk to it without a client-side SSL certificate installed. >>> In the server log I am indeed seeing HTTP GET requests from Maven >>> without any client-side SSL certificate, whereas GETs by a browser do >>> show access with the valid certificate there. >>> >>> Any idea why Maven isn't using the client-side SSL certificate passed >>> via -Djavax.net.ssl.keyStoreType? Is there some configuration option I >>> am overlooking? >>> >>> Kind regards, >>> >>> Jeroen Hoek >>> Lable > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > -- Vriendelijke groeten, Jeroen Hoek Lable ✉ [email protected] ℡ 088 44 20 202 http://lable.org KvK № 55984037 BTW № NL8519.32.411.B.01 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
