Menu
I have a Maven project that requires some dependencies that are in a repository located behind HTTPS. I can access the URL by my browser (Firefox) as it asks me a username/password, but in Maven I get Access denied.
Where can I set the username and password so that Maven can use it for that repository? This page deals with certificates and keystores, but I don't have anything like that. Do I need to know where does Firefox stores the certificate for the URL I visited?
556
1) Just run command mvn --version . Go to maven installation directory and view the content of settings. xml file under conf folder. It should tell you which maven central repository is being used.
The natural continuation of this journey begins next month on January 15th, 2020 when we will begin to enforce the use of HTTPS for all consumers of content from Maven Central.
The solution is very easy, you just need to replace the urls to maven central repository (and maybe other main repositories) to https instead of http. That's all!!! In case, you have never defined the repositories url and you are using the default values, you just need to add the new repositories with https.
By default, Maven will always look in the official Maven repository, which is http://repo1.maven.org. When Maven tries to build a project, it will look in your local repository (by default ~/. m2/repository but you can configure it by changing the <localRepository> value in your ~/. m2/settings.
Username and password is stored into your .m2/ folder in a file called settings.xml (create it if you don't have it).
<settings>
<servers>
<server>
<!-- this id should match the id of the repo server in pom.xml -->
<id>myrepo</id>
<username>deployment</username>
<password>password</password>
</server>
</servers>
</settings>
For the second question, it's actually explained in the link you provided, except the keytool link is not working. If I remember right it was posted by a Sun employee in his blog and when Oracle took over the page disappeared. There should be multiple copies of it around the net. One of them is my slightly modified version on GitHub:
https://github.com/stivlo/obliquid-lib/blob/master/src/main/java/org/obliquid/scripts/InstallCert.java
The basic concept is that you don't have to find where Firefox stores the certificates, you download it with the tool in a file.
198
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
