I'm experimenting a bit with releasing my software (I've never done this before) and so far I've been able to execute mvn release:prepare. As I'm executing release:perform I get the following error:
[INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plug
in:2.7:deploy (default-deploy) on project img2stl: Failed to deploy artifacts: C
ould not transfer artifact nl.byterendition:img2stl:jar:0.9 from/to byterenditio
n-releases (https://localhost:443/svn/repo/releases): peer not authenticated ->
[Help 1]
I've set up a local password protected svn repository at localhost:443, so I added the following to my settings.xml in my .m2 folder
EDITED TO INCLUDE Edwin Buck's answer:
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>byterendition-releases</id>
<username>username</username>
<password>password</password>
</server>
<server>
<id>byterendition-snapshots</id>
<username>username</username>
<password>password</password>
</server>
</servers>
</settings>
This is the useful section of my pom:
<distributionManagement>
<repository>
<id>byterendition-releases</id>
<url>https://localhost:443/svn/repo/releases</url>
</repository>
<snapshotRepository>
<id>byterendition-snapshots</id>
<url>https://localhost:443/svn/repo/snapshots</url>
</snapshotRepository>
</distributionManagement>
How can I get maven to access the svn repository?
Ok, as Edwin Buck suggested I shouldn't use localhost, but since I haven't been able to get it to work otherwise I thought I'd try this using a remote SVN server I use for work. Now I get a different error:
[INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plug
in:2.7:deploy (default-deploy) on project img2stl: Failed to deploy artifacts: C
ould not transfer artifact nl.byterendition:img2stl:jar:0.9.5 from/to byterendit
ion-releases (https://svn.science.ru.nl/repos/estens/releases/): Failed to trans
fer file: https://svn.science.ru.nl/repos/estens/releases/nl/byterendition/img2s
tl/0.9.5/img2stl-0.9.5.jar. Return code is: 409, ReasonPhrase: Conflict. -> [Hel
p 1]
Again I can access this repo from Eclipse. Does anyone know what I'm doing wrong?
Since version 3.0.5 Maven checks the SSL certificate on https connections. You can temporarily fix this by adding the command line parameters
-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true
Installing the SSL certificate into your JRE should permanently fix the issue.
Official documentation: http://maven.apache.org/wagon/wagon-providers/wagon-http/
Step 1. Download the certificate in DER format *.cer (/X.509 .cert) file to your local dir
(You can do this from your browser; For Chrome Click on the Lock symbol, Show Ceritficate --> Copy to File)
Step 2. Import it to Java trust store
\Program_Files\Java\jdk1.6.0_45\jre\lib\security>%JAVA_HOME%\jre\bin\keytool
-v -alias mavensrv -import -file d:\temp\apacher.cer -keystore trust.jks
Step 3. Give the path to maven as environment variables
set MAVEN_OPTS=-Xmx512m
-Djavax.net.ssl.trustStore=%JAVA_HOME%/jre/lib/security/trust.jks -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=%JAVA_HOME%/jre/lib/security/trust.jks -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=changeit
Your entry in settings.xml is for a server id of localhost but you are accessing repositories with id(s) of byterendition-releases and byterendition-snapshots.
This means that maven won't recogonize and associate the credentials with these two servers, because they have different "identities". You will need settings.xml entries for byterendition-releases and byterendition-snapshots.
Now if you added an entry like
<server>
<id>byterendition-releases</id>
<username>user</username>
<password>password</password>
</server>
Then maven would meet the https authentication challenge to byterendition-releases with a username of user and a password of password, because it has a server credential entry for byterendition-releases.
You'll also have to add in an additional entry for byterendition-snapshots, or set it to have the same server id as byterendition-releases.
--- Edited to keep up with the updated question ---
You are reaching for your repository with a localhost URL. While this might work if your repository is really on the same host machine, there are lots of reasons why it might not work.
The SVN repository is on a remote SVN server, so this will fail when developing elsewhere than the remote server.
The HTTP server is not configured to resolve localhost exactly the same way that it might resolve an external request.
Either way, ditch localhost. If you can't get a stable DNS name for the machine, even putting in an IP address is a better choice. If your SVN server is on DHCP, then invest the time into getting DynamicDNS working (but really, you should get a static IP for a server if you can).
https://github.com/escline/InstallCert provides the necessary tools and provides a step by step instruction on how to import a remote certificate into the system-wide certificate store.
I found that the Java version can make a difference here.
With Maven 3.0.5 I was getting this error with Java 6, but switching to Java 7 (or newer) resolved it for me.
It looks like a SSL problem when connecting to the server. Maybe before the username and password check.
Did you config the svn server with SSL client auth? This means you need to send a client certificate to the server.
I've had lot of security issues after upgrading to OSX Mavericks
SSL problem with Amazon AWS
peer not authenticated with Maven and Eclipse
trustAnchors parameter must be non-empty
I applied this JAVA update and it fixed all my issues:
http://support.apple.com/kb/DL1572?viewlocale=en_US
I'm using maven 3.5.3, and I choose to temporarily fix this SSL issue by adding the command line parameters according to above answers. But the parameters's format seems changed a little.
-D maven.wagon.http.ssl.insecure=true -D maven.wagon.http.ssl.allowall=true
Sorry I can't comment #Alex Punnen's answer, so I have to write a new answer.
I had the same issue using maven 3.6.0. All proposed solutions (using -Dmaven.wagon.http.ssl.insecure=true, -Dmaven.wagon.http.ssl.allowall=true, update CA store) did not work for me. Actually the deployment failed not on the first module but on the ~25ish or so, and was successful for all previous modules. Thus I assumed that in general the SSL handling was ok and there was general issue in the local <> server connection or certificates.
Leaving me quite confused for some time, I today stumbled across this jacoco issue where they mention the deployAtEnd parameter. Adding this parameter to my pom.xml as part of the deploy plugin configuration solved the issue for me.
However, I'm yet not clear on why the deployment failed on some later module and not on the first already.
Related
I'm trying to build a spring-boot maven project from a jenkins pipeline.
Error:
ERROR: Failed to parse POMs
org.apache.maven.project.ProjectBuildingException: Some problems were encountered while processing the POMs:
[FATAL] Non-resolvable parent POM for xxx.xxxxx.xxxx:finance-portal:0.0.1-SNAPSHOT:
Failure to transfer org.springframework.boot:spring-boot-starter-parent:pom:2.4.2
Original error: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.4.2
from/to central (https://repo.maven.apache.org/maven2):
Connect to repo.maven.apache.org:443 [repo.maven.apache.org/151.101.24.215] failed:
Connection refused (Connection refused) and 'parent.relativePath' points at no local POM # line 6, column 10
maven goal:
clean install -U -X
pom.xml:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.4.2</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
The resolutions I tried so far:
Setting up org proxy through settings.xml file in jenkins and use the config in the pipeline.
Setting up proxies through maven goal: clean install -DproxySet=true -DproxyHost=proxy.com -DproxyPort=xxxxx.
Omitting/Changing relativePath tag in pom.xml to <relativePath>../pom.xml</relativePath> and few other variants.
Remove jenkins workspace for the project and re-build it.
make a curl request to maven central repo before the build to check connection establishment: curl -I -x proxy.com:xxxxx "https://repo.maven.apache.org/maven2". The connection gets established but fails in the build process.
I bet you missed something configuring the proxy setting. For example set up the wrong protocol or you misspelled/misplaced the proxies tag in the setting.xml file.
Here is an example from Apache manual:
<settings>
.
<proxies>
<proxy>
<id>example-proxy</id>
<active>true</active>
<protocol>http</protocol>
<host>proxy.example.com</host>
<port>8080</port>
<username>proxyuser</username>
<password>somepassword</password>
<nonProxyHosts>www.google.com|*.example.com</nonProxyHosts>
</proxy>
</proxies>
.
</settings>
The protocol seems to be a protocol of the proxy server, not of the proxied request. Here is a long discussion about this point:
How to configure a proxy server for both HTTP and HTTPS in Maven's settings.xml?
It is also possible your setting.xml was placed on the wrong place. Here is the default location:
(Linux) /home/bob/.m2/settings.xml
(Windows) C:\Users\bob\.m2\settings.xml
IDE or CD/CI pipeline could override the default location. It can be done like this:
mvn --settings your_location/settings.xml clean install
(or)
mvn -s your_location/settings.xml clean install
Another problem could be the conflict with JVM proxy configuration. I am not sure, which configuration has priority. JVM uses its own arguments:
http.proxyHost (default: <none>)
http.nonProxyHosts (default: localhost|127.*|[::1])
http.proxyPort (default: 80)
https.proxyHost(default: <none>)
https.proxyPort (default: 443)
Here http and https are protocols of the proxied request (at least AFAIU)
https://docs.oracle.com/javase/8/docs/api/java/net/doc-files/net-properties.html
One more possible problem could be the argument -Djava.net.useSystemProxies. If it is set to true (default - false) the operation system wide proxy configuration is used.
While 30thh's answer was definitely helpful for troubleshooting, as a last resort I just cloned a working VM to a new instance, created my pipeline there and it worked like a charm in the first attempt. So it's pretty evident that it was something to do with proxy/firewall of the previous VM/jenkins.
I have the following problem while trying to download the artifact bbb:
[ERROR] Failed to execute goal on project phoenix-model: Could not
resolve dependencies for project
aaa:jar:4.7.0-SNAPSHOT: Failed to
collect dependencies at
bbb:jar:1.0.24-SNAPSHOT: Failed to
read artifact descriptor for
bbb:jar:1.0.24-SNAPSHOT: Could not
transfer artifact
bbb:pom:1.0.24-SNAPSHOT from/to
nexus (https://s.s.com/nexus/content/groups/public):
Hostname 's.s.com' was not verified - [Help 1]
it tries to connect to s.s.com (not the real name) but could not find it in the cacerts keystore since the site doesn't use the name s.s.com in it's certificate but rather s.j.com (and i can't change that since i'm not the admin).
Any way to tell maven or jdk to bypass that?
I am running the command from the eclipse m2 tool plugin by adding the following in the jdk arguments:
-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Djsse.enableSNIExtension=false -Dmaven.wagon.http.ssl.ignore.validity.dates=true
currently using the embeded mvn of kepler which is at 3.2.1
any idea what is wrong?
if i used the same setting with the exception of mvn configured at external version 3.2.2 it runs perfectly fine.
I want to install bamboo agent on my working computer. I have downloaded the jar file and try to run it with following syntax
java -jar atlassian-bamboo-agent-installer-5.7.0.jar https://bamboo.xxxxx.org/agentServer/
I got error javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated.
The source of this error is clear to me - we have a self-signed SSL sertificate. I tried to run with following parameters
java -Dbamboo.agent.ignoreServerCertName=true -jar atlassian-bamboo-agent-installer-5.7.0.jar https://bamboo.xxxxx.org/agentServer/
but it does not work as well.
I tried to add the certificate using this link Java keytool easy way to add server cert from url/port
The sertificate seems to be installed, but it does not help. I still have the following error.
Do you know how can I fix it?
The problem was that bamboo did not obtained (for some reason) the keystorage created by keytool.
I needed to manually set the keystore in the bamboo configuration. In config/wrapper.conf you need to add following lines
wrapper.java.additional.3=-Djavax.net.ssl.keyStore=/#MODIFY_ME_TO_MY_HOME#/bamboo-agent-home/keystores/client.ks
wrapper.java.additional.4=-Djavax.net.ssl.keyStorePassword=#MY_AWESOME_PASSWORD#
wrapper.java.additional.5=-Djavax.net.ssl.trustStore=/#MODIFY_ME_TO_MY_HOME#/bamboo-agent-home/keystores/client.ts
This can be caused if you are running Bamboo behind Apache with SSL, if your default SSL VirtualHost is not returning the same SSLCertificate as your Bamboo VirtualHost. We had a similar problem, because I didn't know /etc/httpd/conf.d/ssl.conf created a VirtualHost.
I previously worked on a project in Ruby on Rails using Vagrant as development environment. After I finished the project, I started to work in a project in Java, but when i try to clone the project into my workspace, i'm getting this error on Git Bash console:
git clone git#git.address.com:mari/project.git
Cloning into 'project'
/usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:763:in 'initialize': No route to host - connect(2) (Errno::EHOSUNREACH)
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:763:in 'open'
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:763:in 'block in connect'
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:55:in 'timeout'
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:100:in 'timeout'
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:763:in 'connect'
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:756:in 'do_start'
from /usr/local/rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/net/http.rb:745:in 'start'
from /opt/git/gitlab-shell/lib/gitlab_net.rb:56:in 'get'
from /opt/git/gitlab-shell/lib/gitlab_net.rb:17:in 'allowed?'
from /opt/git/gitlab-shell/lib/gitlab_net.rb:51:in 'validate_access'
from /opt/git/gitlab-shell/lib/gitlab_net.rb:21:in 'exec'
from /opt/git/gitlab-shell/lib/gitlab_net.rb:16:in '<main>'
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
NOTE: I've tried this solution (Change the URI (URL) for a remote Git repository) and didn't work. Any idea what might be happening?
EDIT: I'm using Windows, but the VM used on Vagrant is Linux.
Try adding the protocol to the beginning of the remote url:
ssh://git#git.address.com/mari/project.git
Also don't use a : to seperate path and uri, but use a / instead.
Of course, you can use another protocol as ssh.
try git remote url like this
http://<username>#git.address.com/<path>.git
I have a section in a POM that looks something like this:
<scm>
<connection>scm:cvs:ext:myhostname:/cvsroot/repo:module_name</connection>
</scm>
I typically use publickey auth to authentication against this cvs server, although it should accept my password as well.
When I attempt to run mvn scm:update, mvn release:prepare, or any other Maven goal that involves connecting to this scm, I get the following failure:
[INFO] Executing: cmd.exe /X /C "cvs -z3 -f -q update -d"
[INFO] Working directory: C:\Documents and Settings\matt\workspace\projectname
org.netbeans.lib.cvsclient.connection.AuthenticationException: Cannot authenticate. Reason: Publickey authentication failed.
at org.apache.maven.scm.provider.cvslib.cvsjava.util.ExtConnection.open(ExtConnection.java:136)
at org.apache.maven.scm.provider.cvslib.cvsjava.util.CvsConnection.connect(CvsConnection.java:166)
at org.apache.maven.scm.provider.cvslib.cvsjava.util.CvsConnection.processCommand(CvsConnection.java:498)
at org.apache.maven.scm.provider.cvslib.cvsjava.command.update.CvsJavaUpdateCommand.executeCvsCommand(CvsJavaUpdateCommand.java:53)
at org.apache.maven.scm.provider.cvslib.command.update.AbstractCvsUpdateCommand.executeUpdateCommand(AbstractCvsUpdateCommand.java:78)
at org.apache.maven.scm.command.update.AbstractUpdateCommand.executeCommand(AbstractUpdateCommand.java:63)
at org.apache.maven.scm.command.AbstractCommand.execute(AbstractCommand.java:59)
at org.apache.maven.scm.provider.cvslib.AbstractCvsScmProvider.executeCommand(AbstractCvsScmProvider.java:750)
at org.apache.maven.scm.provider.cvslib.AbstractCvsScmProvider.update(AbstractCvsScmProvider.java:348)
at org.apache.maven.scm.provider.AbstractScmProvider.update(AbstractScmProvider.java:821)
at org.apache.maven.scm.provider.AbstractScmProvider.update(AbstractScmProvider.java:770)
at org.apache.maven.scm.manager.AbstractScmManager.update(AbstractScmManager.java:526)
at org.apache.maven.scm.plugin.UpdateMojo.execute(UpdateMojo.java:89)
(lots more of the stacktrace....)
And further down in the stacktrace:
Caused by: java.io.IOException: Decrypted PEM has wrong padding, did you specify the correct password?
at ch.ethz.ssh2.crypto.PEMDecoder.removePadding(PEMDecoder.java:109)
at ch.ethz.ssh2.crypto.PEMDecoder.decryptPEM(PEMDecoder.java:286)
at ch.ethz.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:319)
Followed by:
[ERROR] Provider message:
[ERROR] The cvs command failed.
[ERROR] Command output:
I'm running this on a Windows machine, with no cvs executable on the PATH. I do have my public key available under $HOME/.ssh, but it doesn't seem as if cvs/maven/scm is loading it here - as I'm not asked for the keyphrase for it.
So my question is ... is there anything special I need to do with Maven or the SCM/CVS provider to get it to recognize where my public key is installed, or how to actually use it? Currently it doesn't seem as if it is even being used as I am not prompted for it's passphrase.
So after debugging this a bit more, and downloading the source code for the maven-scm-provider-cvs package, I discovered that the CVS library used by this plugin uses the empty string ("") for the passphrase value if it finds your private key. To use the correct passphrase, the library expects you to set a System property with the key name maven.scm.cvs.java.ssh.passphrase.
So, if I run my scm:status goal like so:
mvn scm:status -Dmaven.scm.cvs.java.ssh.passphrase=<my passphrase>
I'm able to connect to CVS.
Gee - I really wish this was documented!
I solved this by executing the cvs+ssh login command from the console before using maven. This added the magic numbers to $home/.ssh for the automated login to work.
If this is because of a self-signed cert, check out the InstallCert code on how to add the self signed cert to the client. Or this example on how to replace the default X509 Trust code.