Technorati 标签: maven,nexus

1. download the Nexus from website for free version:

2. Run the Command prompt with administrator privilege .

http://blog.csdn.net/zwc0910/article/details/17349111

http://w26.iteye.com/blog/1547096

failure reason

http://blog.csdn.net/kimylrong/article/details/23280155

3. central repository proxy error:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

http://books.sonatype.com/nexus-book/reference//ssl-sect-client-cert.html

tool: http://download.sonatype.com/nexus/import-ssl.jar

4.2.3. Manually Configuring Trust Stores

The Nexus user interface should be sufficient to work with the trust stores and certificates. In older versions of Nexus as well as some use cases, you need to manually configure the trust store.

Sonatype provides an import-ssl tool that can be downloaded fromhttp://download.sonatype.com/nexus/import-ssl.jar. It allows you to import a client certificate in two steps:

  • importing the server’s SSL chain and
  • importing the client SSL key/certificate pair.

The Java Virtual Machine running Nexus uses the Java Secure Socket Extension (JSSE) to enable secure Internet communication. It uses two certificate stores - truststore andkeystore.

A truststore contains certificates from servers run by other parties with who you expect to communicate, or from Certificate Authorities that you trust to identify other parties. This truststore ships with a number of CA’s out-of-the-box, trusted root certificates.

A keystore contains private keys and the certificates with their corresponding public keys. Typically, they are stored in separate files stored in the default location of${JRE_HOME}/lib/security/cacerts.

Some notes about the location of the keystore and default keystore passwords:

  • If you are using the default JSSE keystore locations on either a Linux or OS X platform, you must run the commands below as the root user. You can do this either by changing to the root user (su -) or by using the sudo command: sudo [command].
  • The default password used by Java for the built-in keystores is changeit. If your key-store uses a different password, you’ll need to specify that password as the last parameter on the command lines above.
  • If you want to specify your own keystore/truststore file, provide that in place of <keystore_dir> in the examples below.
  • If you’re using a password other than changeit for your keystore, you should supply it immediately following the keystore path in the commands below.
  • If you specify a keystore location that doesn’t exist, the import-ssl utility will create it on-demand.

Before you begin the process of importing a Server SSL Chain and a client certificate you will need the following:

  • Network access to the SSL server you are connecting to,
  • An SSL client certificate,
  • and a certificate password.

For server certificates you should either import directly into${JRE_HOME}/lib/security/cacerts, or make a copy of the file and import into that.

If you replace the existing truststore rather than adding to it or if you override the truststore location, you will lose all of the trusted CA root certificates of the JRE and no SSL sites will be accessible.

Import the Server SSL Chain

The first command imports the entire self-signed SSL certificate chain for central.sonatype.com into your JSSE keystore:

$ java -jar import-ssl.jar server repo1.maven.org <keystore>
<keystore>=C:\Java\jdk1.8.0_05\jre\lib\security\cacerts
 
command as below:
java -jar import-ssl.jar server repo1.maven.org C:\Java\jdk1.8.0_05\jre\lib\security\cacerts

Substitute the server name used in the previous listing with the server name to which you are attempting to connect. This particular command will connect to https://repo1.maven.org, retrieve, and import the server’s SSL certificate chain.

Import the Client SSL Key/Certificate Pair

The second command imports your client-side SSL certificate into the JSSE keystore, so Nexus can send it along to the server for authentication:

$ java -jar import-ssl.jar client <your-certificate.p12> \
<your-certificate-password> keystore

When the client command completes, you should see a line containing the keystore path. Please note this, as you will use it in your next configuration step.

...
Writing keystore: /System/Library/Frameworks/JavaVM.framework/\
Versions/1.6.0/Home/lib/security/jssecacerts

If you want to make a new keystore into which to import your keys, use the keytool that ships with your Java installation to create an empty keystore:

keytool -genkey -alias foo -keystore keystore
keytool -delete -alias foo -keystore keystore

Make sure to use the keytool commands for your Java version used to run Nexus. The documentation for keytool is available online forJava 6 as well as Java 7.

Configuring Nexus Startup

Once both sets of SSL certificates are imported to your keystore and/or truststore, you can modify the wrapper.conf file located in $NEXUS_HOME/bin/jsw/conf/ to inject the JSSE system properties necessary to use these certificates, as seen below adapting the iterator number (10, 11.. ) to start at the last used value, which depends on the rest of your configuration.

wrapper.java.additional.10=-Djavax.net.ssl.keyStore=<keystore>
wrapper.java.additional.11=-Djavax.net.ssl.keyStorePassword=<keystore_password>
wrapper.java.additional.12=-Djavax.net.ssl.trustStore=<truststore>
wrapper.java.additional.13=-Djavax.net.ssl.trustStorePassword=<truststore_password>

Once you have configured the Nexus startup option shown above, restart Nexus and attempt to proxy a remote repository which requires an SSL client certificate. Nexus will use the keystore location and keystore password to configure the SSL interaction to accept the server’s SSL certificate and send the appropriate client SSL certificate using the manual configuration you have completed with the import-ssl tool.

<?xml version="1.0" encoding="UTF-8"?>

<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
--> <!--
| This is the configuration file for Maven. It can be specified at two levels:
|
| 1. User Level. This settings.xml file provides configuration for a single user,
| and is normally provided in ${user.home}/.m2/settings.xml.
|
| NOTE: This location can be overridden with the CLI option:
|
| -s /path/to/user/settings.xml
|
| 2. Global Level. This settings.xml file provides configuration for all Maven
| users on a machine (assuming they're all using the same Maven
| installation). It's normally provided in
| ${maven.home}/conf/settings.xml.
|
| NOTE: This location can be overridden with the CLI option:
|
| -gs /path/to/global/settings.xml
|
| The sections in this sample file are intended to give you a running start at
| getting the most out of your Maven installation. Where appropriate, the default
| values (values used when the setting is not specified) are provided.
|
|-->
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<!-- localRepository
| The path to the local repository maven will use to store artifacts.
|
| Default: ${user.home}/.m2/repository
<localRepository>/path/to/local/repo</localRepository>
-->
<localRepository>C:\Users\alter\.m2\repository</localRepository> <pluginGroups>
<pluginGroup>org.mortbay.jetty</pluginGroup>
<pluginGroup>org.codehaus.cargo</pluginGroup>
</pluginGroups> <proxies>
</proxies> <servers>
<server>
<id>releases</id>
<username>deployment</username>
<password>deployment123</password>
</server>
<server>
<id>snapshots</id>
<username>deployment</username>
<password>deployment123</password>
</server>
</servers> <mirrors>
<mirror>
<id>nexus</id>
<mirrorOf>*</mirrorOf>
<url>http://localhost:8081/nexus/content/groups/public/</url>
</mirror>
</mirrors> <profiles>
<profile>
<id>nexus</id>
<repositories>
<repository>
<id>central</id>
<url>http://localhost:8081/nexus/content/groups/public/</url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>central</id>
<url>http://localhost:8081/nexus/content/groups/public/</url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles> <activeProfiles>
<activeProfile>nexus</activeProfile>
</activeProfiles>
</settings> </settings> <!-- id should be the same as above server id-->
<!--
<distributionManagement> <repository>
<id>releases</id>
<name>Internal Releases</name>
<url>http://localhost:8081/nexus/content/repositories/releases</url>
</repository>
<snapshotRepository>
<id>snapshots</id>
<name>Internal Snapshots</name>
<url>http://localhost:8081/nexus/content/repositories/snapshots</url>
</snapshotRepository>
</distributionManagement> -->

Maven Nexus Setup tutorial的更多相关文章

  1. 使用Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境(二)

    前言     上一篇随笔Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境(一)介绍maven和nexus的环境搭建,以及如何使用maven和nexus统一管理库 ...

  2. 使用Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境(一)

    前言     但凡一个略有规模的项目都需要一个持续集成环境的支撑,为什么需要持续集成环境,我们来看一个例子.假如一个项目,由A.B两位程序员来协作开发,A负责前端模块,B负责后端模块,前端依赖后端.A ...

  3. Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境(二)

    上一篇随笔Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境(一)介绍maven和nexus的环境搭建,以及如何使用maven和nexus统一管理库文件和版本,以 ...

  4. 使用Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境

    前言 但凡一个略有规模的项目都需要一个持续集成环境的支撑,为什么需要持续集成环境,我们来看一个例子.假如一个项目,由A.B两位程序员来协作开发,A负责前端模块,B负责后端模块,前端依赖后端.A和B都习 ...

  5. Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境

    使用Maven+Nexus+Jenkins+Svn+Tomcat+Sonar搭建持续集成环境(一) 2015-01-14 20:28 by 飘扬的红领巾, 4322 阅读, 5 评论, 收藏, 编辑 ...

  6. Maven / Nexus 的用法和经验

    Maven / Nexus 的用法和经验

  7. jenkins + maven + nexus + [ svn 或 GitLab 或 GitHub ]

    目录 介绍 DevOps平台四大模块 针对DevOps开源项目 Jenkins 介绍 Maven 介绍 maven的核心概念介绍 SVN介绍 Nexus介绍 Maven私服的 个特性: 流程图 环境搭 ...

  8. maven nexus 私服的搭建学习

    之前对maven有过初步的了解与认识,自己也创建过项目使用其来管理,但都是非常粗浅的操作,今天在高人的指点下,也学着在自己的电脑上搭建一个maven私服,虽然技术难度也不高,但为了更深层次的提高,这些 ...

  9. 搭建本地MAVEN NEXUS 服务

    下载 http://120.192.76.70/cache/www.sonatype.org/downloads/nexus-latest-bundle.zip?ich_args=232fba36ed ...

随机推荐

  1. python学习之路-day5-模块

    本节内容: 模块详解 1.模块定义 2.os&sys模块 3.time&datetime模块 4.random模块 5.shutil模块 6.shelve模块 7.configpars ...

  2. 《Java程序设计》实验5

    20145318 <Java程序设计>实验5 实验内容 运行下载的TCP代码,结对进行,一人服务器,一人客户端: 利用加解密代码包,编译运行代码,一人加密,一人解密: 集成代码,一人加密后 ...

  3. 《UML大战需求分析》阅读笔记2

    在第三章往后的章节里面,作者着重描述了uml各个图的具体用法,首先则是类图. 类图则表示程序中所出现的用到的类,用方框来表示,方框中分为三行,第一行是类的名字,第二行是类的成员变量(属性),第三行是成 ...

  4. js-特效部分学习-offsetParent、scrollHeight 、动画函数的封装

    1. offsetParent  获取的最近的定位的父元素   offsetLeft/offsetTop  是相对于offsetParent的距离 offsetHeight/offsetWidth 获 ...

  5. 自己写ORM框架 SqlHelper_DG C#(java的写在链接里)

    ORM框架想必大家都比较熟知了,即对象关系映射(英语:Object Relation Mapping,简称ORM,或O/RM,或O/R mapping),是一种程序技术,用于实现面向对象编程语言里不同 ...

  6. 【笔记】DOM探索基础篇(一)

    #DOM探索(前端课程学习笔记)http://www.imooc.com/video/9502 DOM = document + object + model ECMAScript 编写js应遵守的标 ...

  7. 搭建Openstack云平台

    实验室需要做一个大数据平台项目,临时接下需要部署实验室云平台的任务,由于之前没有接触过相关技术,仅以此篇作为纪录文,记录一下我的openstack的初步学习以及搭建过程. 1.openstcak及其组 ...

  8. 【Win10 UWP】QQ SDK(一):SDK基本使用方法

    每当开发一个应用需要社交分享的应用时,总是心里咯噔一下:到底什么时候分享能加上QQ和微信?除了WP8.0版本的微信SDK,官方似乎从未正面发布过适应时代发展的QQ SDK,就连后台,也没有一个可以创建 ...

  9. Asp.Net Web API 2第十七课——Creating an OData Endpoint in ASP.NET Web API 2(OData终结点)

    前言 很久没更新博客了,加上刚过年,现在准备重新开战,继续自己的学习之路.本文已同步到Web API2系列文章中http://www.cnblogs.com/aehyok/p/3446289.html ...

  10. 【Android UI设计与开发】9:滑动菜单栏(一)开源项目SlidingMenu的使用和示例

    一.SlidingMenu简介 相信大家对SlidingMenu都不陌生了,它是一种比较新的设置界面或配置界面的效果,在主界面左滑或者右滑出现设置界面效果,能方便的进行各种操作.很多优秀的应用都采用了 ...