How to configure maven settings.xml to access nexus behind an apache proxy
"peer not authenticated" usually means the SSL certificate presented by the server is not signed by an authority the client JRE knows about (e.g. self-signed).
If that is the case, you need to import the CA certificate into the JRE's trust store (or override it with your own).
![Admin](/assets/logo_square_200-5d0d61d6853298bd2a4fe063103715b4daf2819fc21225efa21dfb93e61952ea.png)
Admin
Updated on August 21, 2022Comments
-
Admin almost 2 years
I'm having trouble with getting artifacts from nexus and I hope that the community can help me out. It is not a problem to access and work in the nexus web application (I've set the Base URL to https://www.fakesitename.com/nexus).
All calls to https://www.fakesitename.com/nexus is redirected / forwarded / proxied (what's the correct terminology?) to an internal server on the network
<VirtualHost *:443> ServerName www.fakesitename.com ServerAdmin [email protected] DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined <Proxy *> AddDefaultCharset Off Order deny,allow Allow from all </Proxy> ProxyRequests Off ProxyPreserveHost On ProxyPass /nexus http://192.168.0.178:8081/nexus ProxyPassReverse /nexus http://192.168.0.178:8081/nexus SSLEngine on SSLCertificateFile /certs/mysite/ssl.crt SSLCertificateKeyFile /certs/mysite/ssl.key </VirtualHost>
The settings.xml file:
<?xml version="1.0" encoding="UTF-8"?> <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> <mirrors> <mirror> <id>public</id> <mirrorOf>*</mirrorOf> <url>https://www.fakesitename.com/nexus/content/groups/public</url> </mirror> </mirrors> <!-- What should be in here? <proxies> <proxy> <id>myproxy</id> <active>true</active> <protocol>https</protocol> <host>www.fakesitename.com</host> <port>443</port> <nonProxyHosts>127.0.0.1|192.168.0.178</nonProxyHosts> </proxy> </proxies> --> <servers> <server> <id>releases</id> <username>deployment</username> <password>deployment123</password> </server> <server> <id>snapshots</id> <username>deployment</username> <password>deployment123</password> </server> </servers> <profiles> <profile> <id>nexus</id> <repositories> <repository> <id>central</id> <url>https://www.fakesitename.com/nexus/content/groups/public</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> </repositories> <pluginRepositories> <pluginRepository> <id>central</id> <url>https://www.fakesitename.com/nexus/content/groups/public</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </pluginRepository> </pluginRepositories> </profile> </profiles> <activeProfiles> <activeProfile>nexus</activeProfile> </activeProfiles> </settings>
When I run for instance mvn clean of a project with the proxies section outcommented I get ...peer not authenticated...
[INFO] Scanning for projects... Downloading: https://www.fakesitename.com/nexus/content/groups/public/com/fakesitename/poms/super/1.3/super-1.3.pom [ERROR] The build could not read 1 project -> [Help 1] [ERROR] [ERROR] The project com.fakesitename.library:application:1.3-SNAPSHOT (/tmp/application/pom.xml) has 1 error [ERROR] Non-resolvable parent POM: Could not transfer artifact com.fakesitename.poms:super:pom:1.3 from/to public (https://www.fakesitename.com/nexus/content/groups/public): peer not authenticated and 'parent.relativePath' points at wrong local POM @ line 5, column 11 -> [Help 2] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException [ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
j
and with the section not outcommented
[INFO] Scanning for projects... Downloading: https://www.fakesitename.com/nexus/content/groups/public/com/fakesitename/poms/super/1.3/super-1.3.pom mar 24, 2013 10:12:39 EM org.apache.maven.wagon.providers.http.httpclient.impl.client.DefaultRequestDirector tryConnect INFO: I/O exception (org.apache.maven.wagon.providers.http.httpclient.NoHttpResponseException) caught when connecting to the target host: The target server failed to respond mar 24, 2013 10:12:39 EM org.apache.maven.wagon.providers.http.httpclient.impl.client.DefaultRequestDirector tryConnect INFO: Retrying connect mar 24, 2013 10:12:39 EM org.apache.maven.wagon.providers.http.httpclient.impl.client.DefaultRequestDirector tryConnect INFO: I/O exception (org.apache.maven.wagon.providers.http.httpclient.NoHttpResponseException) caught when connecting to the target host: The target server failed to respond mar 24, 2013 10:12:39 EM org.apache.maven.wagon.providers.http.httpclient.impl.client.DefaultRequestDirector tryConnect INFO: Retrying connect mar 24, 2013 10:12:39 EM org.apache.maven.wagon.providers.http.httpclient.impl.client.DefaultRequestDirector tryConnect INFO: I/O exception (org.apache.maven.wagon.providers.http.httpclient.NoHttpResponseException) caught when connecting to the target host: The target server failed to respond mar 24, 2013 10:12:39 EM org.apache.maven.wagon.providers.http.httpclient.impl.client.DefaultRequestDirector tryConnect INFO: Retrying connect [ERROR] The build could not read 1 project -> [Help 1] [ERROR] [ERROR] The project com.fakesitename.library:application:1.3-SNAPSHOT (/tmp/application/pom.xml) has 1 error [ERROR] Non-resolvable parent POM: Could not transfer artifact com.fakesitename.poms:super:pom:1.3 from/to public (https://www.fakesitename.com/nexus/content/groups/public): The target server failed to respond and 'parent.relativePath' points at wrong local POM @ line 5, column 11 -> [Help 2] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException [ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
If I change the settings file to use
http://192.168.0.178:8081
directly, it succeeds.[INFO] Scanning for projects... Downloading: http://192.168.0.178:8081/nexus/content/groups/public/com/fakesitename/poms/super/1.3/super-1.3.pom Downloaded: http://192.168.0.178:8081/nexus/content/groups/public/com/fakesitename/poms/super/1.3/super-1.3.pom (33 KB at 157.3 KB/sec) [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] ... [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 1.243s [INFO] Finished at: Sun Mar 24 22:22:01 CET 2013 [INFO] Final Memory: 6M/17M [INFO] ------------------------------------------------------------------------
So, I really don't know what to do. I want to be able to use the "official" https address in the settings.xml file