How to tell Maven to disregard SSL errors (and trusting all certs)?

I frequently need to run "mvn" command :

mvn -f pom.xml clean install -Dmaven.test.skip=false --settings /Users/myhome/settings.xml -X -Djavax.net.ssl.trustStore=/Users/myhome/truststore.jks -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStorePassword=dummy -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal. -U

As I need to integrate with various other domains, so currently every time I have to add their certificate to my truststore.jks to prevent SSL handshake errors.

Is there any way I can configure mvn to ignore SSL errors.

6 Answers

You can disable SSL certificate checking by adding one or more of these command line parameters:

  • -Dmaven.wagon.http.ssl.insecure=true - enable use of relaxed SSL check for user generated certificates.
  • -Dmaven.wagon.http.ssl.allowall=true - enable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used.
  • -Dmaven.wagon.http.ssl.ignore.validity.dates=true - ignore issues with certificate dates.

Official documentation:

Here's the oneliner for an easy copy-and-paste:

-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true

Ajay Gautam suggested that you could also add the above to the ~/.mavenrc file as not to have to specify it every time at command line:

$ cat ~/.mavenrc
MAVEN_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"
11

An alternative that worked for me is to tell Maven to use http: instead of https: when using Maven Central by adding the following to settings.xml:

<settings> . . . <mirrors> <mirror> <id>central-no-ssl</id> <name>Central without ssl</name> <url> <mirrorOf>central</mirrorOf> </mirror> </mirrors> . . .
</settings>

Your mileage may vary of course.

5

Create a folder ${USER_HOME}/.mvn and put a file called maven.config in it.

The content should be:

-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true
-Dmaven.wagon.http.ssl.ignore.validity.dates=true

Hope this helps.

3

You can also configure m2e to use HTTP instead of HTTPS

force-m2e-to-use-http-instead-of-https

I found that the latest jdk16 will fail SSL certificates so I have to use the-Dmaven.wagon.http.ssl.ignore.validity.dates=true to work around; switching to jdk11(LTS) then all problems are gone.

Also jdk1.8 was tested too, which also worked without any parameters; but jdk1.8 is in in no-update mode, better move on to the LTS jdk versions, but not the latest jdk16.

If you want to put all the same maven.wagon.http.ssl. settings into ~/.m2/settings.xml instead of ~/.mavenrc, this is what you need to put in the file:

<settings xmlns="" xmlns:xsi="" xsi:schemaLocation=" "> <profiles> <profile> <id>definedInM2SettingsXML</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <maven.wagon.http.ssl.insecure>true</maven.wagon.http.ssl.insecure> <maven.wagon.http.ssl.allowall>true</maven.wagon.http.ssl.allowall> <maven.wagon.http.ssl.ignore.validity.dates>true</maven.wagon.http.ssl.ignore.validity.dates> </properties> </profile> </profiles>
</settings>
1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like