How to tell Maven to disregard SSL errors and trusting all certs

Question

I frequently need to run  mvn  command    mvn -f pom xml clean install -Dmaven test skip false --settings  Users myhome settings xml -X -Djavax net ssl trustStore  Users myhome truststore jks -Djavax net ssl trustStoreType JKS -Djavax net ssl trustStorePassword dummy -Djava protocol handler pkgs com sun net ssl internal www protocol -U   As I need to integrate with various other domains  so currently every time I have to add their certificate to my truststore jks to prevent SSL handshake errors   Is there any way I can configure mvn to ignore SSL errors

User · Accepted Answer

You can disable SSL certificate checking by adding one or more of these command line parameters:

-Dmaven.wagon.http.ssl.insecure=true - enable use of relaxed SSL check for user generated certificates.
-Dmaven.wagon.http.ssl.allowall=true - enable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used.
-Dmaven.wagon.http.ssl.ignore.validity.dates=true - ignore issues with certificate dates.

Official documentation: http://maven.apache.org/wagon/wagon-providers/wagon-http/

Here's the oneliner for an easy copy-and-paste:

-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true

Ajay Gautam suggested that you could also add the above to the ~/.mavenrc file as not to have to specify it every time at command line:

$ cat ~/.mavenrc 
MAVEN_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"

User · Answer

Create a folder   USER HOME   mvn  and put a file called maven config in it   The content should be   -Dmaven wagon http ssl insecure true -Dmaven wagon http ssl allowall true -Dmaven wagon http ssl ignore validity dates true   Hope this helps

User · Answer

You can also configure m2e to use HTTP instead of HTTPS  force-m2e-to-use-http-instead-of-https

User · Answer

An alternative that worked for me is to tell Maven to use http  instead of https  when using Maven Central by adding the following to settings xml    lt settings gt                    lt mirrors gt       lt mirror gt           lt id gt central-no-ssl lt  id gt           lt name gt Central without ssl lt  name gt           lt url gt http   repo maven apache org maven2 lt  url gt           lt mirrorOf gt central lt  mirrorOf gt       lt  mirror gt     lt  mirrors gt                  lt  settings gt    Your mileage may vary of course

[maven] How to tell Maven to disregard SSL errors (and trusting all certs)?

Examples related to maven

Examples related to ssl-certificate