Thanks! This should work for Maven2 as well. Any chance you'd be able to write this up as a document to include on the website and attach it to JIRA?
http://maven.apache.org/guides/mini/guide-apt-format.html Cheers, Brett On 11/14/05, Arnaud Bailly <[EMAIL PROTECTED]> wrote: > Hello, > Sometimes ago I posted a question about using a secured server as > repository for dependencies download. By secure, I mean an HTTPS server > with client certificate authentication. While not being overwhelmed by > the myriad of answers, I was finally able to dig a tunnel to the > solution through Java's security and criptography features. Here is for > the enlightment of the masses the simple solution. > > The problem: > I have a server storing a maven repo at addresse > https://my.server.com/maven. > This server only serves clients authenticated by a valid (self-signed) > certificate : the server's certificate is the certificate authority as > the server is used only internally. > > The server's certificate is : > my.server.com.cert > > The client certificate is available in PKCS#12 format (this is the > format that is accepted by browsers) : > mycertificate.p12 > Note that this file contains the client's private key which may be very > sensitive information and so is secured by a password : > CeRtPwD > > So I set the following property in build.properties : > maven.repo.remote=https://my.server.com/maven,http://www.ibiblio.org/maven > > But how do HttpClient finds the client certificate and keys it needs ? > > The solution: > 1) create a store to hold the server's certificate usings Sun's keytool > > $> keytool -v -alias mavensrv -import -file my.server.com.cert -keystore > trust.jks > Enter keystore password: > Owner: .... > Issuer: .... > Serial number: .... > Valid from: Mon Feb 21 22:34:25 CET 2005 until: Thu Feb 19 22:34:25 CET 2015 > Certificate fingerprints: > MD5: ....... > SHA1: ..... > Trust this certificate? [no]: yes > Certificate was added to keystore > [Storing trust.jks] > $> > > 2) Set the following properties either in maven's command-line, or in > .mavenrc or in MAVEN_OPTS environment variable (setting it in > build.properties or project.properties does not work). > > -Djavax.net.ssl.trustStore=trust.jks > -Djavax.net.ssl.keyStore=mycertificate.p12 > -Djavax.net.ssl.keyStoreType=pkcs12 > -Djavax.net.ssl.keyStorePassword=CeRtPwD > > 3) enjoy ! > > $> maven > > -- > Arnaud Bailly - Ingénieur de Recherche > NORSYS > 1, rue de la Cense des Raines > ZAC du Moulin > 59710 ENNEVELIN > Tel : (33) 3 28 76 56 76 > Fax : (33) 3 28 76 57 00 > Web : http://www.norsys.fr > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
