Upon the first attempt to create a maven project using IntelliJ, I'm getting the following error even after importing the .cer file into cacerts.
Could not transfer artifact
org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to central
(https://repo.maven.apache.org/maven2): PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
Thanks in advance!!!
You are behind a firewall which wants to inspect what you are doing so they inject themselves in the certification path to be able to do so. This also allows them to rewrite the contents you download on the fly if they want to.
The sole reason to use https instead of http is to detect and avoid this exact scenario.
If you trust the owner of the interfering firewall, add its certificates to the JDK keychain to make programs run with that JDK accept this. Note that the JDK you run Maven with inside IntelliJ may not necessarily be the same as the one used by Maven on the command line.
Related
I am working in a corporate network.
I can't download artifacts through maven, but I can download them individually through my web browser.
This is the error:
[ERROR] Non-resolvable import POM: Could not transfer artifact com.fasterxml.jackson:jackson-bom:pom:2.9.8 from/to central (https://repo1.maven.org/maven2): Can't connect to SOCKS proxy:Connection refused: connect # org.springframework.boot:spring-boot-dependencies:2.1.3.RELEASE, C:\Users\alfonso\.m2\repository\org\springframework\boot\spring-boot-dependencies\2.1.3.RELEASE\spring-boot-dependencies-2.1.3.RELEASE.pom, line 605, column 25
For what I have googled, a lot of people solve this configuring a proxy. I don't understand why I would need that, because as I said, I can download the dependencies trough my web browser.
If configuring a proxy is the only way, any idea as to how to identify my company's proxy?? I've no idea what it is.
Is it supposed to be a "maven proxy" or just a simple proxy? I ask because IT people probably don't know much about java and maven. So if I ask them what is our maven proxy, they may not know what I'm talking about (if it is something at all he he)
Downloading the dependencies through a browser is a nightmare because standard Maven projects need hundreds of artifacts (Maven plugins etc.).
The proxy is not a "Maven proxy", but a company thing. You need to find out which proxy allows access to MavenCentral. If you don't have such proxy, you need to discuss a solution like e.g. setting up your own Nexus/Artifactory and giving it access to MavenCentral.
I have a remote repository with an https URL and a self-signed certificate. In Maven I could set MAVEN_OPTS properties to bypass certificate validation. How can I achive this with gradle?
I tried modifying the file gradle.properties but I can’t find the exact properties:
systemProp.http.ssl.insecure=true
systemProp.http.ssl.allowall=true
systemProp.http.ssl.ignore.validity.dates=true
Gradle "Trust All" Plugin
This plugin was born out of necessity for a quick-and-dirty way to use a Maven repository over HTTPS with a self-signed certificate.
When working with such a repository in gradle you may get an error:
Error transferring file: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
Usual Java way to handle such scenario would be to download site certificate, import it into a keystore, and use that keystore via the -Djavax.net.ssl.trustStore=... JVM options.
Sometimes, you just need an easier way — disable certificate validation altogether! There are many reasons not to do that, one of them being that this approach makes connections vulnerable to man-in-the-middle attacks.
Consider this code a proof-of-concept and accept full responsibility that by using it you're ultimately making an informed bad decision.
Origin
The code to disable certificate validation comes from this StackOverflow answer, although there are many similar code snippets floating around the web.
Using "Trust All" Plugin
To use gradle-trust-all, build the jar file and include it in your project:
$ git clone https://github.com/arteme/gradle-trust-all.git
$ cd gradle-trust-all
$ gradle build
$ cp build/libs/gradle-trust-all.jar /path/to/your/project/gradle/folder/
Then in your project's build.gradle file add it as a buildscript dependency and activate the plugin:
buildscript {
dependencies {
classpath files('gradle/gradle-trust-all.jar')
}
}
apply plugin: 'trust-all'
That is it. Now certificate validation in gradle is disabled.
https://github.com/arteme/gradle-trust-all
I recently did a fresh install of maven. I have been trying to run mvn clean install but I keep getting a peer not authenticated error. I can acess the website with the credentials that I am using in the settings.xml file but I am unable to complete the execute my goal.
I have tried explicitly setting my path for settings.xml:
mvn clean install -s ~/.m2/settings.xml for local and global mvn clean install -gs /home/myuser/app/maven/conf/settings.xml
Double checked whether each file was using the right creds and they definitely were.
Does anyone have any other solution that I can try? Because these credentials work 100%, I just dont know why they aren't working in this case. Is there any explicit way for me to set the username and password in the command line? Because I am at my wits end with this. Been working on this for about 2 days and don't have a solution.
I was using this same maven project 6 months ago, but I don't recall ever having this problem. Talked to my co-worker and he was able to run it with the same settings that I have but hes not on a VM. Is the VM to blame? Is there some proxy setting or something that I am missing that I have to set for VMs? I am using VMWare to run my VM which is Ubuntu 16.
Thank you for all the help!
ERROR Message:
[ERROR] Failed to execute goal on project company-pojo-services: Could not resolve dependencies for project org.company:company-pojo-services:jar:3.6.1.RELEASE: The following artifacts could not be resolved: javax.jms:jms:jar:1.1, com.oracle:ojdbc6:jar:11.2.0.1.0: Could not transfer artifact javax.jms:jms:jar:1.1 from/to artifactory-online (https://reader:reader#company.artifactoryonline.com/company/company-3/repository/): peer not authenticated -> [Help 1]
EDIT:
[ERROR] Failed to execute goal on project company-pojo-services: Could not resolve dependencies for project org.company:company-pojo-services:jar:3.6.1.RELEASE: The following artifacts could not be resolved: javax.jms:jms:jar:1.1, com.oracle:ojdbc6:jar:11.2.0.1.0: Could not transfer artifact javax.jms:jms:jar:1.1 from/to artifactory-online (https://reader:reader#company.artifactoryonline.com/company/company-3/repository/): Remote host closed connection during handshake: SSL peer shut down incorrectly -> [Help 1}
This link here is exactly my problem: Maven - peer not authenticated
But too bad the solution doesnt work for me.
Reson for this is newer versions of Maven checks for SSL for https connections. Refer this to bypass the error temporarily.
[http://maven.apache.org/wagon/wagon-providers/wagon-http/][1]
For a permanent solution, you have to add the certificate to the certificate store of your JRE
In our organization we use internal Artifactory server as maven repository. I have setup the Maven settings accordingly. Problem is when I do Maven > Update from Eclipse below error is thrown -
Failure to transfer
org.apache.maven.plugins:maven-resources-plugin:pom:2.6 from
https://.../artifactory/public was cached in
the local repository, resolution will not be reattempted until the
update interval of artifactory has elapsed or updates are forced.
Original error: Could not transfer artifact
org.apache.maven.plugins:maven-resources-plugin:pom:2.6 from/to
artifactory (https://.../artifactory/public):
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
This is what I have tried so far -
Imported the Artifactory server certificate manually using keytool in Java cacerts.
Ensured that Eclipse setting is pointing to respective Maven and JDK installations.
Deleted m2_repo and rebuilt
Deleted eclipse setup and setup afresh
Restarted system
When I run Maven from command prompt it works fine. What am I missing here?
Issue got resolved when I tried Maven > Update with Force Update of Snapshot/Releases enabled.
I have a Maven project and added db4o as a dependency using this answer from a previous question. When I compile the project it gives me the following error:
Could not resolve dependencies for
project
org.uca.dss:trenes:jar:1.0-SNAPSHOT:
[...] Failed to read artifact
descriptor for
com.db4o:db4o-full-java5:jar:7.13-SNAPSHOT:
Could not transfer artifact
com.db4o:db4o-full-java5:pom:7.13-SNAPSHOT
from/to source.db4o
(https://source.db4o.com/maven/):
Error transferring file:
sun.security.validator.ValidatorException:
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification
path to requested target -> [Help 1]
Curiously enough, it only happens in Ubuntu GNU/Linux (tested in two PC's), but not in Windows (using NetBeans 7.0).
I can post the full error (from maven -X output), but I think it does not add much information
Edit 1:
This is what I have in my pom.xml file regarding db4o:
<repository>
<id>source.db4o</id>
<url>https://source.db4o.com/maven/</url>
</repository>
...
<dependency>
<groupId>com.db4o</groupId>
<artifactId>db4o-full-java5</artifactId>
<version>7.13-SNAPSHOT</version>
</dependency>
This looks like a security certificate issue for a secured request which is generally looked up from %JAVA_HOME%\jre\lib\security\cacerts . I am guessing your windows JRE has the entries whereas the ubuntu JRE is lacking them.
By the way this link is a good read on installing certs. You probably want to use the option 1 mentioned there.