HTTPS/SSL deploy fails with "Received fatal alert: bad_record_mac"

Visit for documentation on Nexus Repository version 2.

Deploy to an SSL enabled server fails with the following message:

Received fatal alert: bad_record_mac

The problem is caused by issues with Sun Java security package (#4815023), which makes the Java try TLS even if it's not supported on the server. This results in aborted connection.

One workaround is to force use of SSLv3 only.  To do this, add the following to the MAVEN_OPTS environment variable:

"-Dhttps.protocols=SSLv3 -Dforce.http.jre.executor=true"

Another cause of this problem is that the server Maven is connecting to is using an SSL cipher that is not compatible.

For example, the following nginx configuration is known to avoid this error:

ssl_protocols SSLv3 TLSv1 SSLv2;
ssl_prefer_server_ciphers on;


Have more questions? Submit a request


  • 0
    Permanently deleted user

    Thanks for the suggestion, but it doesn't really help. I posted a full problem description here: Can you help?

  • 0
    Peter Lynch

    We are closing this article for comments.

    If you have a support license, please contact us by submitting a support ticket.

    If you do not have a support license, please use our Nexus Users List or our other free support resources.

Article is closed for comments.