How to tell Maven to disregard SSL errors (and trusting all certs)?
I frequently need to run "mvn" command :
mvn -f pom.xml clean install -Dmaven.test.skip=false --settings /Users/myhome/settings.xml -X -Djavax.net.ssl.trustStore=/Users/myhome/truststore.jks -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStorePassword=dummy -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -U
As I need to integrate with various other domains, so currently every time I have to add their certificate to my truststore.jks to prevent SSL handshake errors.
Is there any way I can configure mvn to ignore SSL errors.
Answer
You can disable SSL certificate checking by adding one or more of these command line parameters:
-Dmaven.wagon.http.ssl.insecure=true- enable use of relaxed SSL check for user generated certificates.-Dmaven.wagon.http.ssl.allowall=true- enable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used.-Dmaven.wagon.http.ssl.ignore.validity.dates=true- ignore issues with certificate dates.
Official documentation: http://maven.apache.org/wagon/wagon-providers/wagon-http/
Here's the oneliner for an easy copy-and-paste:
-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true
Ajay Gautam suggested that you could also add the above to the ~/.mavenrc file as not to have to specify it every time at command line:
$ cat ~/.mavenrc
MAVEN_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"