如何告诉 Maven 忽略 SSL 错误(并信任所有证书)? [英] How to tell Maven to disregard SSL errors (and trusting all certs)?

问题描述

我经常需要运行mvn"命令:

I frequently need to run "mvn" command :

mvn -f pom.xml clean install -Dmaven.test.skip=false --settings /Users/myhome/settings.xml -X -Djavax.net.ssl.trustStore=/Users/myhome/truststore.jks -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStorePassword=dummy -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -U

由于我需要与其他各种域集成，所以目前每次我都必须将他们的证书添加到我的 truststore.jks 以防止 SSL 握手错误.

As I need to integrate with various other domains, so currently every time I have to add their certificate to my truststore.jks to prevent SSL handshake errors.

有什么办法可以配置 mvn 以忽略 SSL 错误.

Is there any way I can configure mvn to ignore SSL errors.

推荐答案

您可以通过添加以下一个或多个命令行参数来禁用 SSL 证书检查:

You can disable SSL certificate checking by adding one or more of these command line parameters:

• -Dmaven.wagon.http.ssl.insecure=true - 允许对用户生成的证书使用宽松的 SSL 检查.
• -Dmaven.wagon.http.ssl.allowall=true - 启用服务器的 X.509 证书与主机名的匹配.如果禁用，将使用像 check 这样的浏览器.
• -Dmaven.wagon.http.ssl.ignore.validity.dates=true - 忽略证书日期问题.

• -Dmaven.wagon.http.ssl.insecure=true - enable use of relaxed SSL check for user generated certificates.
• -Dmaven.wagon.http.ssl.allowall=true - enable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used.
• -Dmaven.wagon.http.ssl.ignore.validity.dates=true - ignore issues with certificate dates.

官方文档:http://maven.apache.org/wagon/wagon-providers/wagon-http/

这是一个易于复制和粘贴的单行:

Here's the oneliner for an easy copy-and-paste:

-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true

Ajay Gautam 建议您也可以将上述内容添加到 ~/.mavenrc 文件，因为不必每次都在命令行中指定它:

Ajay Gautam suggested that you could also add the above to the ~/.mavenrc file as not to have to specify it every time at command line:

$ cat ~/.mavenrc 
MAVEN_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"

这篇关于如何告诉 Maven 忽略 SSL 错误(并信任所有证书)?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！