Maven is unable to connect to Nexus after configuring Nexus to use SSL.

Symptom: After configuring Nexus to serve SSL maven builds fail with "peer not authenticated" or "PKIX path building failed".

This is usually caused by using a self signed SSL certificate on Nexus. Java does not consider these to be a valid certificates, and will not allow connecting to server's running them by default.

You have a few choices here to fix this:

1. Add the public certificate of the Nexus server to the trust store of the Java running Maven
2. Get the certificate on Nexus signed by a root certificate authority such as Verisign
3. Tell Maven to accept the certificate even though it isn't signed

For option 1 you can use the keytool command and follow the steps in the below article.

Explicitly Trusting a Self-Signed or Private Certificate in a Java Based Client

For option 3, invoke Maven with "-Dmaven.wagon.http.ssl.insecure=true". If the host name configured in the certificate doesn't match the host name Nexus is running on you may also need to add "-Dmaven.wagon.http.ssl.allowall=true".

Note: These additional parameters are initialized in static initializers, so they have to be passed in via the MAVEN_OPTS environment variable.  Passing them on the command line to Maven will not work.

See here for more information:

http://maven.apache.org/wagon/wagon-providers/wagon-http/

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk