Welcome to the Sonatype Support Knowledge Base

Announcements

• ★ codehaus.org Repositories Should Be Removed From Your Nexus Instance
• ★ Sonatype Data Research supplies reserved CVE CVSS scores
• IQ vulnerability information contains the Root Cause
• Commons-collections unintended execution in deserialization
• Spring-core unintended code execution in deserialization
• OpenSSL Heartbleed bug and Sonatype

Product Support Overview

• ★ Nexus Repository Manager Feature Compatibility Matrix
• Sonatype Security Data Sources and Research Overview
• Support Ticket Best Practices
• Sonatype Product Ideas Portal Help
• Sonatype Product and Solutions Overview
• Sonatype Product Support FAQ

See all 9 articles

Security Advisories

• CVE-2019-16530 - Nexus Repository Manager 2 & 3, and Nexus IQ Server - Remote Code Execution - 2019-09-19
• CVE-2019-15893 Nexus Repository Manager 2 - Remote Code Execution - 2019-09-03
• CVE-2019-5475 & sonatype-2019-0429 (CVE-2019-15588) Nexus Repository Manager 2 - OS Command Injection - 2019-08-09
• CVE-2019-14469 Nexus Repository Manager 3 - Cross Site Scripting XSS - 2019-07-26
• CVE-2019-11629 Nexus Repository Manager 2 - Cross Site Scripting XSS - 2019-05-02
• CVE-2019-7238 Nexus Repository Manager 3 - Missing Access Controls and Remote Code Execution - 2019-02-05

See all 16 articles

General Product Tips & How To

• Central 501 HTTPS Required
• Sonatype Docker image security cryptographic standards may affect outbound TLS connections
• How to generate a HAR for Nexus Repository Manager and IQ Server UI issues
• How to Make Proxy Repositories Act Like Hosted Repositories
• How to resolve CertificateException: No subject alternative DNS name matching for LDAP secure connections
• Protect Sonatype Server Products against Weak Diffie-Hellman Keys and Logjam

See all 9 articles

Apache Maven Tips & Troubleshooting

• maven-release-plugin + nexus-staging-plugin + Maven 2.2.1 Server Credentials with ID not found
• What are the requests that Maven 3.x sends when deploying artifacts?
• Configuring Maven HTTP Wagon Detailed Logging
• HTTPS/SSL deploy fails with "Received fatal alert: bad_record_mac"
• Maven deploys fail with Java 7, work with Java 6
• Maven deploy works using plain text password, but fails if encrypted

Nexus Repository Manager 3

General Tips & How To

• How do I determine which repository manager is being referenced by the ID shown in the Repositories list in IQ Server?
• How to configure HSTS in NXRM 3
• Can I enable anonymous access to Nexus IQ Server component details in Nexus Repository Manager?
• How to Restrict Access to Nexus Repo 3 by IP Address
• What is the difference between "add" and "edit" privileges for repositories?
• How to delete docker images from Nexus Repository Manager

See all 8 articles

Release Notes

• ★ Nexus Repository Manager 3 Latest Release Notes
• Download Nexus Repository Manager 3
• Nexus Repository Manager 3.5.0 Release Notes
• Nexus Repository Manager 3.4.0 Release Notes
• Nexus Repository Manager 3.3.2 Release Notes
• Nexus Repository Manager 3.3.1 Release Notes

See all 20 articles

Installation, Upgrade and Compatibility

• Nexus Repository Manager 2.x to 3.y Migration Checklist
• How to Redirect HTTP requests to HTTPS?
• Moving a Nexus Repo 3 Installation to a New Location
• Updating Java for Nexus 3 on Windows
• Configuring network interface for Nexus HA-C with TCP/IP
• Performing an Orderly HA-C Shutdown

See all 27 articles

Troubleshooting

• How to rebuild the Admin - Compact blobstore deletions index file if soft-deleted blobs are orphaned
• Every time Nexus Repo 3 is restarted it asks to have the license installed
• How to generate native blobstore blob path from a blob ID
• maven-deploy-plugin version 3.0.0-M1 deploy fails with 401 ReasonPhrase: Unauthorized
• Every time Nexus Repository Pro 3.x starts on a Linux server it loses its license
• What is the jvm.log?

See all 39 articles

Development

• How can I convert a groovy script to JSON for REST API usage ?
• Script Parameters
• Groovy: Close those transactions, or else...
• Nexus 3 Groovy Script development environment setup

Nexus Repository Manager 2

Release Notes

• ★ Nexus Repository Manager 2 Release Notes Index
• Nexus Repository Manager 2.14.5 Release Notes
• Nexus Repository Manager 2.14.4 Release Notes
• Nexus Repository Manager 2.14.3 Release Notes
• Nexus Repository Manager 2.14.2 Release Notes
• Nexus Repository Manager 2.14.1 Release Notes

See all 22 articles

Getting Started

• Download Nexus Repository Manager 2
• Nexus Repository Manager Professional Download Archives
• Nexus Repository Manager OSS Download Archives
• What are the available Sonatype Nexus Repository Manager 2.x distributions and editions?
• Sonatype Nexus System Requirements
• Nexus Pro Trial Edition vs. Nexus Professional Full Edition

See all 22 articles

General Tips & How To

• Jenkins Publish Using Maven Coordinates from the pom.xml
• How to disable authentication dialogs for sensitive operations performed by RUT authenticated users
• Deleting a specific npm package version in Nexus Repository Manager 2.x
• How can I create private repositories in Nexus Repository Manager?
• How to Configure Request Header Authentication in Nexus with Apache
• What approach should I use to restrict access to artifacts in Nexus?

See all 53 articles

Troubleshooting

• Problem: Proxy repository to secure.central.sonatype.com site is auto-blocked
• Reset and Compact NuGet package database
• Understanding Smart Proxy Connections
• 401 Unauthorized with npm client versions 5.0.0 to 5.0.3
• What do the repository manager 2.x status messages mean?
• Why does Nexus download npm packages from sites other than the configured remote URL?

See all 74 articles

Performance & Tuning

• WARN org.eclipse.jetty.io.nio - javax.net.ssl.SSLException: Received fatal alert: certificate_unknown log messages
• Setting Advanced LDAP Connection Properties in Nexus Repository Manager
• NuGet Performance Issue - Action Recommended
• Solving NuGet Query Performance Problems
• Can I use AJP protocol with Neuxs?
• How do I simulate Nexus Pro Smart Proxy performance benefits using Nexus OSS?

See all 21 articles

Development

• What command line tools are available for Nexus?
• How do I add user interface elements to my Nexus plugin?
• How do I add a servlet filter to Nexus request processing?
• How do I create a security realm implementation?
• Uploading to a Staging Repository via REST API
• How to retrieve a user token from Nexus using REST

See all 12 articles

Nexus IQ Server (Auditor, Firewall, and Lifecycle Solutions)

Nexus IQ Server

• ★ Root Organization Best Practices
• ★ How do I download and install the Nexus IQ Server?
• How to Determine Which Outbound Connection TLS Truststore is Used by IQ Server
• How to Determine Which Java is Used by IQ Server?
• Upgrade to IQ Server Release 73 fails due to IllegalArgumentException: timeNanos out of range
• 04/22/19 New Licenses and Updates to Default License Threat Groups (LTGs)

See all 42 articles

Application Health Check

• Nexus Vulnerability Scanner FAQ

Previously Supported Products

• How do I migrate a CLM 1.5 application policy to a CLM 1.6 organization policy
• Trouble viewing reports in Sonatype CLM for CI after 1.7 upgrade?
• How can I free up space used by the Sonatype CLM Server (1.7 or earlier)?