Is it possible to use MS Windows keystore as source for intermediate CA certs from Maven?

Question

We are using Maven against an Artifactory instance configured with https (SSL). The problem is that the certificate is signed by our internal CA which forces us to import the CA cert into the cacerts file in Java.

The CA certs are distributed to our Windows platform and are available using the Microsoft CryptoAPI support introduced in Java SE6.

It would be really nice if Maven somehow could access the intermediate CAs from Windows keystores since Maven is Java based (as described in Java access to intermediate CAs from Windows keystores?).

Does anyone know if this is possible?

score 0 · Answer 1 · answered Jun 01 '17 at 17:31

To understand how Maven implements this code, you'll need to look at the Wagon system, especially the source code. The place I would start is the JSSE property ssl.SocketFactory.provider. If you create a custom SSLSocketFactory, you can have it do the work of getting the certificates from Windows when it initializes. You'll also have to find a way to bundle that code into an extension so that it will be accessible to Maven at runtime.

Is it possible to use MS Windows keystore as source for intermediate CA certs from Maven?

1 Answers1