Visit my.sonatype.com for documentation on Nexus Repository version 2.
Deploy to an SSL enabled server fails with the following message:
Received fatal alert: bad_record_mac
The problem is caused by issues with Sun Java security package (#4815023), which makes the Java try TLS even if it's not supported on the server. This results in aborted connection.
One workaround is to force use of SSLv3 only. To do this, add the following to the MAVEN_OPTS environment variable:
"-Dhttps.protocols=SSLv3 -Dforce.http.jre.executor=true"
Another cause of this problem is that the server Maven is connecting to is using an SSL cipher that is not compatible.
For example, the following nginx configuration is known to avoid this error:
ssl_protocols SSLv3 TLSv1 SSLv2;
ssl_ciphers ALL:!ADH:!EXPORT56:!kEDH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;