Maven failing due to java.security API warning

Question

mvn clean package is failing due to a warning. Is it due to this bug (its fixed though)? Any suggestions on how to fix this problem.

[loading java/security/KeyPairGenerator.class(java/security:KeyPairGenerator.class)]
[loading sun/security/jca/GetInstance.class(sun/security/jca:GetInstance.class)]
[loading sun/security/jca/GetInstance$Instance.class(sun/security/jca:GetInstance$Instance.class)]
[loading java/security/KeyPairGeneratorSpi.class(java/security:KeyPairGeneratorSpi.class)]
[loading java/security/spec/AlgorithmParameterSpec.class(java/security/spec:AlgorithmParameterSpec.class)]
[loading java/security/spec/EncodedKeySpec.class(java/security/spec:EncodedKeySpec.class)]
[loading java/security/spec/KeySpec.class(java/security/spec:KeySpec.class)]
/home/user/common/common-lib/src/main/java/com/org/security/CryptoUtil.java:200: warning: sun.security.x509.CertAndKeyGen is Sun proprietary API and may be removed in a future release
        CertAndKeyGen generator = null;
        ^

/home/user/common/common-lib/src/main/java/com/org/security/CryptoUtil.java:[203,19] sun.security.x509.CertAndKeyGen is Sun proprietary API and may be removed in a future release

/home/user/common/common-lib/src/main/java/com/org/security/CryptoUtil.java:[205,3] sun.security.x509.X500Name is Sun proprietary API and may be removed in a future release
/home/user/common/common-lib/src/main/java/com/org/security/CryptoUtil.java:[205,23] sun.security.x509.X500Name is Sun proprietary API and may be removed in a future release

could not parse error message: [loading sun/security/util/DerInputStream.class(sun/security/util:DerInputStream.class)]
[loading sun/security/util/DerValue.class(sun/security/util:DerValue.class)]
[loading sun/security/x509/RDN.class(sun/security/x509:RDN.class)]
[loading java/security/cert/X509Extension.class(java/security/cert:X509Extension.class)]
[loading java/security/cert/Certificate.class(java/security/cert:Certificate.class)]
[loading java/io/FileDescriptor.class(java/io:FileDescriptor.class)]
[loading java/security/KeyStore$LoadStoreParameter.class(java/security:KeyStore$LoadStoreParameter.class)]
[loading java/security/Key.class(java/security:Key.class)]
[loading java/security/SignatureSpi.class(java/security:SignatureSpi.class)]
[loading java/nio/ByteBuffer.class(java/nio:ByteBuffer.class)]
/home/user/common/common-lib/src/main/java/com/org/security/CryptoUtil.java:400: warning: com.sun.org.apache.xerces.internal.impl.dv.util.Base64 is Sun proprietary API and may be removed in a future release
        out.print( Base64.encode( key.getEncoded() ) );
                   ^

could not parse error message: [loading java/security/Principal.class(java/security:Principal.class)]
[loading javax/security/auth/x500/X500Principal.class(javax/security/auth/x500:X500Principal.class)]
[loading java/io/FileWriter.class(java/io:FileWriter.class)]
[loading java/io/OutputStreamWriter.class(java/io:OutputStreamWriter.class)]
/home/user/common/common-lib/src/main/java/com/org/security/CryptoUtil.java:415: warning: com.sun.org.apache.xerces.internal.impl.dv.util.Base64 is Sun proprietary API and may be removed in a future release
        out.print( Base64.encode( certificate.getEncoded() ) );

Answer 1

By providing the below arguments in the pom.xml of my project solved the issue.

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<compilerArguments>
<bootclasspath>${java.home}\lib\rt.jar</bootclasspath>
</compilerArguments>
</configuration>
</plugin>

But still unclear as to why this works?

Answer 2

Looking at the comments in the bug link in the question, it looks like the problem occurs when verbose is turned on. Can you check if this is true in your case and if so, check if the error persists if it is turned off?