0

I have a huge problem with Maven on my Ubuntu 17.10. In my pom.xml I use the maven-assembly-plugin.
Every time I run Maven with mvn clean package in the root of my project the execution fails and in the Stack-trace I can find the error message

Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5: Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to central (https://repo.maven.apache.org/maven2): java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

I already reinstalled Maven on my Ubuntu and searched through Google for many hours. It seems that Maven/Java can't connect to Maven Central over SSL. I found a way to use Maven and ignore SSL with mvn clean package -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true but this also didn't work.

The error occurs in all my Maven projects so I think the problem is not in the pom.xml.

The debug log with stacktrace is on Pastebin

EDIT: I checked my cacerts and found the .pem for digicert which validated the Certificate for Maven Central

Posted an Screenshot here!

Cœur
  • 37,241
  • 25
  • 195
  • 267
justtoplayslow
  • 11
  • 2
  • 1
    you can try installing that plugin manually in your local maven repo. But if you have troubles connecting to the central one you will probably have more problems with other dependencies – Veselin Davidov May 04 '18 at 08:36
  • What JDK are you using? – Veselin Davidov May 04 '18 at 08:38
  • Yeah that would be possible, but I would also like to understand why this error is happening. And a quick fix would probably not fix all the problems. `java version "1.8.0_171" Java(TM) SE Runtime Environment (build 1.8.0_171-b11) Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode) ` – justtoplayslow May 04 '18 at 08:40
  • https://wiki.52north.org/Documentation/MavenIssues -> check this out if you use open jdk or by chance don't have the SSL certificates available you might need to point to them and try (instead of ignoring) – Veselin Davidov May 04 '18 at 08:41
  • 1
    I use Oracle Java – justtoplayslow May 04 '18 at 09:00

2 Answers2

1

I was facing the same issue while running maven clean just to discover later that it was my Organization firewall that was causing the ACCESS_DENIED to be thrown from the AbstractHTTPClient. If you are running behind a company firewall can you update your settings.xml with the Firewall settings.

Check if you are running behind your company proxy. If yes then you may need to add your organization's proxy settings in settings.xml.

<settings>
  <proxies>
   <proxy>
      <id>SOME ID</id>
      <active>true</active>
      <protocol>http</protocol>
      <host>PROXY_HOST</host>
      <port>PROXY_PORT</port>
    </proxy>
  </proxies>
</settings>
piy26
  • 1,574
  • 11
  • 21
0

This normally works out of the box. Either your JDK cacerts file (JDK_HOME\jre\lib\security\cacerts) is corrupted or someone is intercepting your network traffic and replacing TLS certificate used by Maven Central (common in a corporate environment).

Inspect the cacerts file using keytool shipped with your JDK and confirm that the certificate chain used by Maven Central is trusted. You can open Maven Central in the web browser and inspect the actual TLS certificate. If you trust it, add it to your JDK cacerts.

Karol Dowbecki
  • 43,645
  • 9
  • 78
  • 111
  • I am just a college student and tried it at home and in college :/ Sorry for this question, but could you maybe explain how I inspect the cacerts? And how would I add the TLS from Maven? Thank you very much! – justtoplayslow May 04 '18 at 08:55
  • @justtoplayslow see https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html and https://superuser.com/a/347614 – Karol Dowbecki May 04 '18 at 09:07
  • As in sslhopper stated i used Portecle to check my cacerts. Please check my edit in the Post. Thank you! – justtoplayslow May 04 '18 at 10:38