Maven Wagon
  1. Maven Wagon
  2. WAGON-372

SSL client-side certificates stopped working in maven 3.0.4

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.2
    • Fix Version/s: 2.4
    • Component/s: wagon-http
    • Labels:
      None
    • Environment:
      Fedora, Ubuntu
    • Number of attachments :
      2

      Description

      The following command works perfectly in Maven 3.0.3, but 3.0.4 does not seem to open the key store and therefore client side certificate authentication fails as maven never presents a certificate to the server.

      mvn deploy -Djavax.net.ssl.keyStore=/home/<user>/ssl/key.p12 -Djavax.net.ssl.keyStorePassword=****** -Djavax.net.ssl.keyStoreType=pkcs12

      adding -Djavax.net.debug=all reveals that the keystore is never loaded. Confirmed with strace that the keystore file is never touched or opened.

        Issue Links

          Activity

          Hide
          Oleg Kalnichevski added a comment - - edited


          oleg@ubuntu:~/src/apache.org/maven/maven-wagon$ mvn -version
          Maven home: /opt/maven
          Java version: 1.6.0_35, vendor: Sun Microsystems Inc.
          Java home: /opt/oracle-jdk-1.6.0.35/jre
          Default locale: en_US, platform encoding: UTF-8
          OS name: "linux", version: "3.5.0-22-generic", arch: "amd64", family: "unix"

          Oleg

          Show
          Oleg Kalnichevski added a comment - - edited — oleg@ubuntu:~/src/apache.org/maven/maven-wagon$ mvn -version Maven home: /opt/maven Java version: 1.6.0_35, vendor: Sun Microsystems Inc. Java home: /opt/oracle-jdk-1.6.0.35/jre Default locale: en_US, platform encoding: UTF-8 OS name: "linux", version: "3.5.0-22-generic", arch: "amd64", family: "unix" — Oleg
          Hide
          Oleg Kalnichevski added a comment -

          Let us try to tackle the problem in several incremental steps. Could you please see if all test cases pass for you locally with this patch only? The patch only refactors the SSL initialization code sowewhat without (intentionally) changing its behavior.

          Oleg

          Show
          Oleg Kalnichevski added a comment - Let us try to tackle the problem in several incremental steps. Could you please see if all test cases pass for you locally with this patch only? The patch only refactors the SSL initialization code sowewhat without (intentionally) changing its behavior. Oleg
          Hide
          Olivier Lamy added a comment -

          ok I have reverted some commits and it's better now.

          Show
          Olivier Lamy added a comment - ok I have reverted some commits and it's better now.
          Hide
          Olivier Lamy added a comment -

          bin.zip or bin.tar.gz available for testing here https://builds.apache.org/view/M-R/view/Maven/job/maven-3.x/

          Show
          Olivier Lamy added a comment - bin.zip or bin.tar.gz available for testing here https://builds.apache.org/view/M-R/view/Maven/job/maven-3.x/
          Hide
          Chris Owens added a comment -

          I am still experiencing this problem with the tomcat7-maven-plugin, whose "Deploy" goal I believe uses the same underlying plumbing.

          It fails under tomcat7 plugin versions 2.0 or 2.1, under
          Maven 3.0.5, with either the wagon 2.4 code that ships with maven 3.0.5, or with the lightweight 2.2 version in the comments above, and with -Dmaven.wagon.http.ssl.easy=false or true.

          Show
          Chris Owens added a comment - I am still experiencing this problem with the tomcat7-maven-plugin, whose "Deploy" goal I believe uses the same underlying plumbing. It fails under tomcat7 plugin versions 2.0 or 2.1, under Maven 3.0.5, with either the wagon 2.4 code that ships with maven 3.0.5, or with the lightweight 2.2 version in the comments above, and with -Dmaven.wagon.http.ssl.easy=false or true.

            People

            • Assignee:
              Olivier Lamy
              Reporter:
              Igor von Nyssen
            • Votes:
              3 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: