Miki
Miki

Reputation: 7188

m2e with ssl certificate-based authentication

TL;DR

How to make Eclipse's built-in Maven connect to an HTTPS repository that uses certificate-based authentication?

It seems that m2e is able to find the keystores, but unable to connect. Command-line Maven works like a charm using exactly the same keystores. Run as -> Maven build works with external Maven and not with the embedded one.

Problem

I have a Maven project with a dependency. That dependency is available in a repository that uses SSL certificate-based authentication in addition to regular username-password combination. I need to make it work in Eclipse Luna, with the built-in Maven. All I am able to get is handshake_failure. Investigation of the logs shows that the built-in Maven is unable to find a matching certificate.

When I use Run as -> Maven build with an external Maven, or command-line Maven, it successfully connects to the repository and fetches the artifact exactly as needed.

The interesting thing is, both external and embedded Mavens have the same version (3.2.3).

Setup

I pass these parameters through eclipse.ini:

-Djavax.net.ssl.trustStore=java.cacerts
-Djavax.net.ssl.trustStorePassword=******
-Djavax.net.ssl.keyStore=private.cacerts
-Djavax.net.ssl.keyStorePassword=******
-Djavax.net.debug=ssl,handshake

The trustStore file contains:

The keyStore file contains an imported PKCS certificate under an alias of the repository.

There seems to be no problem at all with the setup, as the command-line Maven works. If I use external Maven or command-line one, it works. If I swich to embedded one (which is always used for resolving dependencies), handshake error shows up.

What am I doing wrong? I might be missing something completely obvious. Any help would be appreciated.

Upvotes: 12

Views: 19496

Answers (4)

Piotr Borowczynski
Piotr Borowczynski

Reputation: 195

I managed to fix it by setting external maven in eclipse. Eclipse->Window->Preferences->Maven->Installations->Add

Upvotes: 0

Uvaraj Krishna
Uvaraj Krishna

Reputation: 51

Options that didn't work for me

  • Installing certificate to java > jre > lib > security > cacerts
  • Providing cacerts in java run configuration vm arguments
  • Updating eclipse to latest versions like mars or neon
  • Updating maven plugin for eclipse to 1.7.0

Steps that resolved the issue for me

  • Download certificate file & add in eclipse at Preferences > Remote Systems > SSL > Add
  • Clear .m2 > repository folder of all existing files
  • Open eclipse, right-click on project and Select Maven > Update Project. Choose Force Update of Snapshots/Releases

updated on 9/19/2017

Upvotes: 5

Alexey Sh.
Alexey Sh.

Reputation: 56

I had exactly the same problem: Eclipse could not connect to external maven repository using embedded maven installation in case the repository requires a client SSL certificate.

The problem was solved by upgrading to latest jvm (in my case - 1.8.0u52) and upgrading Eclipse m2e plugin to version 1.6.1 (with Eclipse version 4.4.0).

Upvotes: 4

user4802011
user4802011

Reputation: 11

In your run configurations select your maven build and then select the JRE tab at the top of the dialog. Put your SSL parameters into the VM arguments text-area.

that's what fixed it for me.

Upvotes: 1

Related Questions