Reputation: 101
maven repository has an invalid certificate
I try to use the dependency on plateform-bom
<dependency>
<groupId>io.spring.plateform</groupId>
<artifactId>plateform-bom</artifactId>
<version>1.0.1-RELEASE</version>
<type>pom</type>
scope>import</scope>
</dependency>
so I add the repository of Spring
<repository>
<id>spring-repo</id>
<name>Spring Maven Repository</name>
<url>https://repo.spring.io/release/</url>
</repository>
but the repository has a no valid certificate so maven refuse to use it. Is there a http instead of https repository or could you put a valid certificate on your repository ? Best regards
here is the result of mvn command:
mobo7205@ubuntu:~/NetBeansProjects/plateform/test/test-frontend$ mvn clean install
[INFO] Scanning for projects...
Downloading: https://maven.springframework.org/release/io/spring/plateform/plateform-bom/1.0.1-RELEASE/plateform-bom-1.0.1-RELEASE.pom
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]
[ERROR] The project com.orange.test:test-frontend:1.0.0-SNAPSHOT (/home/mobo7205/NetBeansProjects/plateform/test/test-frontend/pom.xml) has 2 errors
[ERROR] Non-resolvable import POM: Could not transfer artifact io.spring.plateform:plateform-bom:pom:1.0.1-RELEASE from/to spring-repo (https://maven.springframework.org/release): hostname in certificate didn't match: <maven.springframework.org> != <repo.springsource.org> OR <repo.springsource.org> @ com.orange.test:test:1.0.0-SNAPSHOT, /home/mobo7205/NetBeansProjects/plateform/test/pom.xml, line 111, column 25 -> [Help 2]
[ERROR] 'dependencies.dependency.version' for org.springframework:spring-core:jar is missing. @ line 63, column 21
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
Upvotes: 1
Views: 10166
Answers (3)
Reputation: 11
Few a times even after upgrading the maven to 3.2.5 you might get the below error with respect to jackrabbit:
[ERROR] The build could not read 1 project -> [Help 1] [ERROR] The project com.adobe.training:company-ui:0.0.1-SNAPSHOT (c:\AEM-Video-Training\company\company-ui\pom.xml) has 1 error
[ERROR] Unresolveable build extension: Plugin com.day.jcr.vault:maven-vault-plugin:0.0.6 or one of its dependencies could not be resolved: Could not find artifact org
.apache.jackrabbit:jackrabbit-jcr-commons:jar:2.0-alpha8 in adobe-public-releases (http://repo.adobe.com/nexus/content/groups/public) -> [Help 2]
Solution:
1) Go to the .m2/repository/org\apache\jackrabbit\jackrabbit-jcr-commons\2.0 alpha8
2) Rename the files to make and remove "lastupdated" from the extension.
jackrabbit-jcr-commons-2.0-alpha8.jar
jackrabbit-jcr-commons-2.0-alpha8.pom
3) run "mvn clean install -P full" and see Build and deployment successful.
Upvotes: -1
Reputation: 27822
I ran into this hostname in certificate didn't match problem because of an outdated Maven version, whose HttpComponents dependencies don't work with SNI SSL certificates.
Once I updated Maven (presumably anything better than Maven 3.2.5 should work), everything worked well again.
Upvotes: 7
Reputation: 328556
HTTPS is a two-headed beast. On one hand, we really should use it for every service in the Internet, especially when downloading code (to make sure the code isn't tampered with on the way, for example).
On the other hand, setting up HTTPS is very expensive, hard to get right, the certificates age and the available libraries to talk to HTTPS servers are brittle, hostile and generally a mess to use.
So you can try to follow these instructions how to create a key store on your local computer. The next ugly task is to get the certificate from the server. Some browsers have support to export the certificate. Or you can use this tool (which doesn't work when you are behind a proxy :-( ).
But even when you do all this, chances are it won't work because of the error you got:
hostname in certificate didn't match
That basically means the HTTPS certificate on the server was created for a different server. Since that's usually a dead-sure sign of someone trying to hack your connection, Java refuses to connect (and rightly so).
Unfortunately, many HTTPS server are not configured correctly (or their domain name is changed by someone who doesn't understand what they are doing) so you get this error way more often than you should. And I haven't even stated talking about proxy servers.
That means you'll have to notify the people who gave you the URL and tell them that their setup is broken. Then you wait a couple of weeks until they fix it.
Upvotes: 0
Related Questions
- Maven - unable to find valid certification path
- maven repository sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
- Intellij Maven Repository self signed certificate, ssl error
- How to resolve repository certificate error in Gradle build
- Maven artifact cannot be resolved; attempting to resolve artifact from the wrong repository
- what is this maven certification error indicates?
- Error is resolving repository
- Maven: SunCertPathException when accessing self-signed repository
- Spring Maven repository issue
- Access a Maven repository located in https