How to use Maven with a HTTPS Repository Server

Contents


This page describes the configuration of Maven for using a HTTPS repository server (as the multiagent group's server).


Caution: This page gives the guidelines for the Linux operating system. If they differ on the other operating systems, please send an email to St├ęphane GALLAND with the changes of the guidelines.

Install the HTTPS Certificate of the Server

The first step is to install the HTTPS certificate in your host. You must download and install the certificate into your personal key store.

The following script may be invoked to download and install the certificate in one command. Otherwise, it contains the commands to enter on the CLI.


#!/bin/bash
 
ADDRESS="$1"
CERT_FILE="$3"
ALIAS="$2"
 
if [ -z "$ADDRESS" -o -z "$CERT_FILE" -o -z "$ALIAS" ]
then
  echo "usage: `basename $0` <host_name> <cert_alias> <cert_file>" >&2
  exit 1
fi
 
echo -n | openssl s_client -connect $ADDRESS:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > "$CERT_FILE"
 
keytool -delete -alias "$ALIAS"
keytool -importcert -trustcacerts -alias "$ALIAS" -file "$CERT_FILE"


Example of a call to the script for the multiagent group server:

$> ./script devmas-set.utbm.fr devmas devmas.cert


Download the certificate

Let says the HTTPS server is named maven.utbm.fr. You could download the certificate file, says "maven.cert" of this server with your preferred web browser, or on the CLI with the opennssl command:


$> openssl s_client -connect maven.utbm.fr:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > maven.cert

Install the Certificate in your keystore

You must install the certificate in your keystore. The tool to use is keytool, and the standard filename of the keystore is $HOME/.keystore.


To install the certificate, you must have a local file of the certificate, says "maven.cert". You must decided of the alias name to given to the certificate in your keystore, says "devmaven". Then you could invoke keytool to install the certificate.


$> keytool -importcert -trustcacerts -alias "devmaven" -file "maven.cert"

Using the HTTPS Certificate with Maven

To notify Maven to use your keystore when it is trying to access to a HTTPS server, you must create the configuration file "$HOME/.mavenrc" with the below content.


Caution 1: You must check that your installation of Maven is opening the configuration file .mavenrc. To do, you must open the file /usr/bin/mvn, and seach for the name of the configuration file.


Caution 2: You must replace "path_to_keystore" by the path to your keystore (usually, $HOME), and replace "pwd" by the password you have entered for the keystore.


MAVEN_OPTS="-Djavax.net.ssl.trustStore=path_to_keystore/.keystore \
            -Djavax.net.ssl.trustStorePassword=pwd  \
            -Djavax.net.ssl.keyStore=path_to_keystore/.keystore \
            -Djavax.net.ssl.keyStorePassword=pwd \
            -XX:PermSize=256m \
            -XX:MaxPermSize=256m \
            -XX:+CMSClassUnloadingEnabled \
            -XX:-UseParallelGC \
	    -D-64 \
            $MAVEN_OPTS"
This page was last modified on 3 July 2017, at 13:08. This page has been accessed 10,770 times.
Copyright 2010-2018 © Laboratoire Électronique Informatique Image - Université Bourgogne Franche-Comté - Privacy policy