Maven 发布 -> 对等方未通过身份验证

Question

I'm experimenting a bit with releasing my software (I've never done this before) and so far I've been able to execute mvn release:prepare. As I'm executing release:perform I get the following error:

[INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plug
in:2.7:deploy (default-deploy) on project img2stl: Failed to deploy artifacts: C
ould not transfer artifact nl.byterendition:img2stl:jar:0.9 from/to byterenditio
n-releases (https://localhost:443/svn/repo/releases): peer not authenticated ->
[Help 1]

I've set up a local password protected svn repository at localhost:443, so I added the following to my settings.xml in my .m2 folder

EDITED TO INCLUDE Edwin Buck's answer:

<?xml version="1.0" encoding="UTF-8"?>

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">

    <servers>
        <server>
            <id>byterendition-releases</id>
            <username>username</username>
            <password>password</password>
        </server>
        <server>
            <id>byterendition-snapshots</id>
            <username>username</username>
            <password>password</password>
        </server>
    </servers>
</settings>

This is the useful section of my pom:

<distributionManagement>
    <repository>
        <id>byterendition-releases</id>
        <url>https://localhost:443/svn/repo/releases</url>
    </repository>
    <snapshotRepository>
        <id>byterendition-snapshots</id>
        <url>https://localhost:443/svn/repo/snapshots</url>
    </snapshotRepository>
</distributionManagement>

How can I get maven to access the svn repository?

Ok, as Edwin Buck suggested I shouldn't use localhost, but since I haven't been able to get it to work otherwise I thought I'd try this using a remote SVN server I use for work. Now I get a different error:

[INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plug
in:2.7:deploy (default-deploy) on project img2stl: Failed to deploy artifacts: C
ould not transfer artifact nl.byterendition:img2stl:jar:0.9.5 from/to byterendit
ion-releases (https://svn.science.ru.nl/repos/estens/releases/): Failed to trans
fer file: https://svn.science.ru.nl/repos/estens/releases/nl/byterendition/img2s
tl/0.9.5/img2stl-0.9.5.jar. Return code is: 409, ReasonPhrase: Conflict. -> [Hel
p 1]

Again I can access this repo from Eclipse. Does anyone know what I'm doing wrong?

Answer 1

Since version 3.0.5 Maven checks the SSL certificate on https connections. You can temporarily fix this by adding the command line parameters

-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true

Installing the SSL certificate into your JRE should permanently fix the issue.

Official documentation: http://maven.apache.org/wagon/wagon-providers/wagon-http/

Answer 2

Step 1. Download the certificate in DER format *.cer (/X.509 .cert) file to your local dir

(You can do this from your browser; For Chrome Click on the Lock symbol, Show Ceritficate --> Copy to File)

Step 2. Import it to Java trust store

\\Program_Files\\Java\\jdk1.6.0_45\\jre\\lib\\security>%JAVA_HOME%\\jre\\bin\\keytool -v -alias mavensrv -import -file d:\\temp\\apacher.cer -keystore trust.jks

Step 3. Give the path to maven as environment variables

set MAVEN_OPTS=-Xmx512m -Djavax.net.ssl.trustStore=%JAVA_HOME%/jre/lib/security/trust.jks -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=%JAVA_HOME%/jre/lib/security/trust.jks -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=changeit

Answer 3

Your entry in settings.xml is for a server id of localhost but you are accessing repositories with id(s) of byterendition-releases and byterendition-snapshots .

This means that maven won't recogonize and associate the credentials with these two servers, because they have different "identities". You will need settings.xml entries for byterendition-releases and byterendition-snapshots .

Now if you added an entry like

    <server>
        <id>byterendition-releases</id>
        <username>user</username>
        <password>password</password>
    </server>

Then maven would meet the https authentication challenge to byterendition-releases with a username of user and a password of password , because it has a server credential entry for byterendition-releases .

You'll also have to add in an additional entry for byterendition-snapshots , or set it to have the same server id as byterendition-releases .

--- Edited to keep up with the updated question ---

You are reaching for your repository with a localhost URL. While this might work if your repository is really on the same host machine, there are lots of reasons why it might not work.

1. The SVN repository is on a remote SVN server, so this will fail when developing elsewhere than the remote server.
2. The HTTP server is not configured to resolve localhost exactly the same way that it might resolve an external request.

Either way, ditch localhost. If you can't get a stable DNS name for the machine, even putting in an IP address is a better choice. If your SVN server is on DHCP, then invest the time into getting DynamicDNS working (but really, you should get a static IP for a server if you can).

Answer 4

https://github.com/escline/InstallCert提供了必要的工具，并提供了有关如何将远程证书导入系统范围的证书存储的分步说明。

Answer 5

I found that the Java version can make a difference here.

With Maven 3.0.5 I was getting this error with Java 6, but switching to Java 7 (or newer) resolved it for me.

Answer 6

It looks like a SSL problem when connecting to the server. Maybe before the username and password check.

Did you config the svn server with SSL client auth? This means you need to send a client certificate to the server.

Answer 7

I've had lot of security issues after upgrading to OSX Mavericks

• SSL problem with Amazon AWS
• peer not authenticated with Maven and Eclipse
• trustAnchors parameter must be non-empty

I applied this JAVA update and it fixed all my issues: http://support.apple.com/kb/DL1572?viewlocale=en_US

Answer 8

I'm using maven 3.5.3, and I choose to temporarily fix this SSL issue by adding the command line parameters according to above answers. But the parameters's format seems changed a little.

-D maven.wagon.http.ssl.insecure=true -D maven.wagon.http.ssl.allowall=true

Sorry I can't comment @Alex Punnen's answer, so I have to write a new answer.

Answer 9

I had the same issue using maven 3.6.0. All proposed solutions (using -Dmaven.wagon.http.ssl.insecure=true , -Dmaven.wagon.http.ssl.allowall=true , update CA store) did not work for me. Actually the deployment failed not on the first module but on the ~25ish or so, and was successful for all previous modules. Thus I assumed that in general the SSL handling was ok and there was general issue in the local <> server connection or certificates.

Leaving me quite confused for some time, I today stumbled across this jacoco issue where they mention the deployAtEnd parameter . Adding this parameter to my pom.xml as part of the deploy plugin configuration solved the issue for me.

However, I'm yet not clear on why the deployment failed on some later module and not on the first already.