Problem
Visit my.sonatype.com for documentation on Nexus Repository version 2.
You are using Nexus Repository 2 OSS or Nexus Repository 2 Professional and have tried to Analyze a repository using Remote Healthcheck (RHC). This doesn't seem to work and you notice an error in the Nexus Repository log file similar to:
2014-03-03 10:57:08 WARN [pxpool-1-thread-8] admin org.sonatype.scheduling.DefaultScheduledTask - Exception in call method of scheduled task Health Check: central javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Cause
Have you configured your Nexus Repository 2 to use a proxy server or is Nexus Repository behind a corporate firewall?
Most commonly this error happens when a proxy server rewrites the https://rhc-pro.sonatype.com (Nexus Repository 2 Pro) or https://rhc.sonatype.com (Nexus Repository 2 OSS) a certificate with a custom one that Nexus Repository does not trust.
Solution
You can use Nexus Repository's built-in truststore to trust the remote certificate.
The following solution applies to the default central proxy repository shipped with Nexus Repository. However, these steps can be performed against any repository exhibiting this problem.
- Open Administration -> Capabilities
- Click New. Select SSL: Health Check. Click Add. Click Save.
- Open Administration -> SSL Certificates Click Add... -> Load From Server. Enter
https://rhc-pro.sonatype.comif using Nexus Repository 2 Pro, enterhttps://rhc.sonatype.comif using Nexus OSS. Then click Load Certificate, then Add Certificate after verifying the certificate displayed. - Open Administration -> Scheduled Tasks. Find the Health Check: central scheduled task. Uncheck the Enabled checkbox and Save. Recheck the Enabled checkbox and Save. Click the Run button when the task is enabled and rerun the task.