How to connect to HTTPS repository from Nexus OSS?

Question

Could I use Sonatype Nexus OSS to connect to a SSL repository? (ex: https://repository.cloudera.com/artifactory/cloudera-repos/)

I find this document, only Nexus Pro supports to add SSL certificate on GUI. (http://books.sonatype.com/nexus-book/reference/ssl-sect-client-cert.html)

Therefore, I try to download the certificate from browser, use this command to import the key. But it still doesn't work. I use Tomcat 7.0 and JDK 1.7 64bit, is it possible to use HTTPS repository?

keytool -import -alias Cloudera -keystore D:\JDK\1.7.0_45_x64\jre\lib\security\cacerts -file d:\cloudera.txt -storepass changeit

Answer 1

The certificate of the cloudera server has to be known to Nexus. In Nexus OSS you have to import it into the truststore of the JVM running Nexus. In Nexus Pro you can use the build in SSL configuration. More details are available in the SSL chapter of the Nexus book.

Answer 2

You're on the right track.

Are you going through an http proxy server or firewall to reach the internet? If so, it is very likely that this is decrypting SSL traffic and re-encrypting it with a certificate that is not considered valid by your JRE.

You'll need to get this certificate from your IT department and import it into the JRE truststore like you did with the Cloudera cerificate.