[英]leiningen: How do I turn off ssl verification?
I'm a first-time leiningen user on Windows. 我是Windows上的第一次leiningen用户。 When I run
lein run
I get the following error: 当我运行
lein run
,出现以下错误:
C:\Users\me\clojure-app>lein run
Could not transfer artifact org.clojure:clojure:pom:1.7.0 from/to central (https://repo1.maven.org/maven2/): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Could not transfer artifact org.clojure:tools.nrepl:pom:0.2.10 from/to central (https://repo1.maven.org/maven2/): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Could not transfer artifact clojure-complete:clojure-complete:pom:0.2.3 from/to central (https://repo1.maven.org/maven2/): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This could be due to a typo in :dependencies or network issues.
If you are behind a proxy, try setting the 'http_proxy' environment variable.
My http_proxy
and https_proxy
environment variables are indeed set properly. 我的
http_proxy
和https_proxy
环境变量确实设置正确。
I'm behind a corporate firewall that re-signs web traffic with its own SSL certificates, which I suspected could be the root of my issues. 我在公司防火墙后面,该公司防火墙使用自己的SSL证书重新签署网络流量,我怀疑这可能是问题的根源。 However, I set my
HTTP_CLIENT
environment variable to: 但是,我将
HTTP_CLIENT
环境变量设置为:
curl --insecure -f -L -o
...to avoid SSL verification (as suggested by this note in the installation help ) but that did not change the error message. ...以避免SSL验证(如安装帮助中此注释所建议),但这并没有更改错误消息。
So, my root question, I suppose is: what steps must a user take to get lein run
to successfully bring down dependencies on a Windows machine that is behind a corporate firewall that re-signs SSL traffic? 因此,我的根本问题是,我想:用户必须采取什么步骤来
lein run
才能成功降低对重新签名SSL流量的公司防火墙背后的Windows计算机的依赖性? :o) :O)
Here are some options in inverse order of crazyness (least crazy first) 以下是一些与疯狂相反的选项(从最低疯狂开始)
I'm really trying to not be snooty, by omitting an answer to your actual question. 我实际上是在通过避免回答您的实际问题来尽量不要打sn。 I do realize that there is not an option to disable security on this list.
我的确意识到此列表上没有禁用安全性的选项。 That's on purpose because one of there options will surely work and will make your life much better for knowing how to use these.
这是有意为之的,因为其中一种选择肯定会起作用,并且会使您的生活变得更好,因为他们知道如何使用它们。 If it still comes across as pretentious then please accept my most sincere apology along with the answer.
如果仍然显得自命不凡,那么请接受我最真诚的道歉以及答案。
To elaborate on Arthur's answer and save a trip to google for the command: To add the certificate to the JRE's truststore, use this keytool command: 要详细说明Arthur的答案并保存以下命令的Google之旅:要将证书添加到JRE的信任库中,请使用以下keytool命令:
keytool -import -trustcacerts -file CompanyMitmProxyCertificate.crt -alias ZScaler -keystore cacerts
Where: "CompanyMitmProxyCertificate.crt" is the certificate for your company's man-in-the-middle-attack cert and 'cacerts' is the keystore for your jre located under "\\lib\\security". 其中:“ CompanyMitmProxyCertificate.crt”是贵公司的中间人攻击证书的证书,“ cacerts”是jre的密钥库,位于“ \\ lib \\ security”下。 The default password for the keystore is 'changeit'.
密钥库的默认密码为“ changeit”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.