Reputation: 1244
Maven ignoring JRE keystore
I have a self-signed CA certificate installed on my JRE keystore. When I type keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts|grep mycert I can actually see that it is properly installed. However, when I run some functional tests through Maven, I get errors like the following one:
Certificate for doesn't match any of the subject alternative names: []; nested exception is javax.net.ssl.SSLPeerUnverifiedException: Certificate for doesn't match any of the subject alternative names
My setup is OSX Sierra, JRE 8u151-oracle and maven 3.0.5, both installed through sdkman. The most strange thing is that the errors disappear when I run maven from IntelliJ. I've been doing some investigation and found that it uses a different maven launcher. Here are the generated commands:
# IntelliJ
/Users/jdebenitocalzada/.sdkman/candidates/java/8u151-oracle/bin/java
-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Djsse.enableSNIExtension=false
-Dmaven.home=/Users/jdebenitocalzada/.sdkman/candidates/maven/3.0.5
-Dclassworlds.conf=/Users/jdebenitocalzada/.sdkman/candidates/maven/3.0.5/bin/m2.conf
-classpath /Users/jdebenitocalzada/.sdkman/candidates/maven/3.0.5/boot/plexus-classworlds-2.4.jar
org.codehaus.classworlds.Launcher
test
# Maven
Users/jdebenitocalzada/.sdkman/candidates/java/8u151-oracle/bin/java
-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Djsse.enableSNIExtension=false
-Dmaven.home=/Users/jdebenitocalzada/.sdkman/candidates/maven/current
-Dclassworlds.conf=/Users/jdebenitocalzada/.sdkman/candidates/maven/current/bin/m2.conf
-classpath /Users/jdebenitocalzada/.sdkman/candidates/maven/current/boot/plexus-classworlds-2.4.jar
org.codehaus.plexus.classworlds.launcher.Launcher
test
As you can see, the only difference is that IntelliJ uses org.codehaus.classworlds.Launcher vs org.codehaus.plexus.classworlds.launcher.Launcher used by Maven when running from the CLI.
My question is mainly why Maven is ignoring the keystore when running from command line, but also, why it is using a different runner when running from IntelliJ, and what's the difference between both runners.
NOTE: I'm almost sure that the difference in behavior is due to the use of a different runner, it has nothing to do with JDK versions, as it runs properly when I run the IntelliJ-generated command from CLI.
Upvotes: 0
Views: 851
Answers (1)
Reputation: 1244
I don't know why, but it seems that the problem had something to be with the fact that I was using an alias for adding some options to mvn command. After moving those options to MAVEN_OPTS env var, it started working properly.
Upvotes: 1
Related Questions
- Intellij Maven Repository self signed certificate, ssl error
- Maven Error: (repeated) java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
- intelliJ idea java certificate
- "PKIX path building failed" after importing certificate to java keystore
- Maven not using system keystore when custom trusstore provided
- IntelliJ "Invalid Keystore Format" When Importing a Project From Source
- How do you get Maven to accept invalid SSL certificates?
- Maven: SunCertPathException when accessing self-signed repository
- Maven configuration in IntelliJ yields authorization exception
- keystore.jks (for SSL) cannot be found when running project with Intellij IDEA, but is found by Eclipse