You are using Nexus OSS or Nexus Professional and have tried to Analyze a repository using Remote Healthcheck (RHC). This doesn't seem to work and you notice an error in the Nexus log file similar to:
2014-03-03 10:57:08 WARN [pxpool-1-thread-8] admin org.sonatype.scheduling.DefaultScheduledTask - Exception in call method of scheduled task Health Check: central javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Have you configured your Nexus to use a proxy server or is Nexus behind a corporate firewall?
Most commonly this error happens when a proxy server rewrites the
https://rhc-pro.sonatype.com (Nexus Pro) or
https://rhc.sonatype.com (Nexus OSS) certificate with a custom one that Nexus does not trust.
You can use Nexus built-in truststore to trust the remote certificate.
The following soliution applies to the default
central proxy repository shipped with Nexus. However, these steps can be performed against any repository exhibiting this problem.
- Open Administration -> Capabilities
- Click New. Select SSL: Health Check. Click Add. Click Save.
- Open Administration -> SSL Certificates Click Add... -> Load From Server. Enter
https://rhc-pro.sonatype.comif using Nexus Pro, enter
https://rhc.sonatype.comif using Nexus OSS. Then click Load Certificate, then Add Certificate after verifying the certificate displayed.
- Open Administration -> Scheduled Tasks. Find the Health Check: central scheduled task. Uncheck the Enabled checkbox and Save. Recheck the Enabled checkbox and Save. Click the Run button when the task is enabled and rerun the task.