Saturday 1 September 2012

fun with self-signed certs and java and maven again :S

I've been deploying maven artifacts all day and suddenly it stopped working (later I realized that I happen to apt-get update java in between).

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-deploy) on project browser-cookies: Failed to deploy artifacts/metadata: No connector available to access repository xxx.xxx of type default using the available factories WagonRepositoryConnectorFactory -> [Help 1]

[ERROR] For more information about the errors and possible solutions, please read the following articles:

[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

So after googling a bit I though wagon might be the problem again so I added the following to my pom:


...


org.apache.maven.wagon
wagon-ssh
2.2

...


But my problems didn't go away:(
Then I realized that since I just upgraded my java, that my company maven repo's certificate may not be installed anymore..

I tried to install it with the normal way:
java -jar import-ssl.jar server [https://YOURSERVERURL] 

java -jar import-ssl.jar server maven.example.com $JAVA_HOME/jre/lib/security/cacerts

But this resulted in the following error:

Loading KeyStore /usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts...
Setting up SSL...
Opening connection to https://maven.example.com:443...
java.net.UnknownHostException: https://maven.example.com

at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
at java.net.Socket.connect(Socket.java:579)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:618)
at sun.security.ssl.SSLSocketImpl.(SSLSocketImpl.java:407)
at sun.security.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:88)
at com.sonatype.component.ssl.imprt.ImportServerCertificates.doImport(ImportServerCertificates.java:154)
at com.sonatype.component.ssl.imprt.ImportServerCertificates.run(ImportServerCertificates.java:66)
at com.sonatype.component.ssl.imprt.Main.main(Main.java:51)

I was puzzled because this worked fine with java-6-openjdk-amd64,  but not with java-7-oracle. For kicks I tried the IP address and guess what it worked!!!!

java -jar import-ssl.jar server 192.0.2.1 $JAVA_HOME/jre/lib/security/cacerts 

Loading KeyStore /usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts...
Setting up SSL...
Opening connection to 192.0.2.1:443...
Starting SSL handshake...

Some SSL certificates appear to be missing. Adding missing certificates...

Server sent 1 certificate(s):
 1 Subject CN=maven.example.com, O=MyCompany, L=Johannesburg, ST=Gauteng, C=ZA
   Issuer  CN=maven.example.com, O=MyCompany, L=Johannesburg, ST=Gauteng, C=ZA

Added certificate to keystore using alias: '192.0.2.1'


But alas I could still not deploy :'(
I threw my toys out of my cot, took a deep breath, bathed my 19 month old son, came back and realized what my problem was:

I put a nasty safety mechanism into my corporate poms to prevent us from deploying stuff to the wrong repository (eg. deploying private source files to a public repository!). Anyways I now added a BIG glaring message for myself for when this happens again:

 NB!


 NB! REMEMBER TO SPECIFY -Dew.deploy-public TO DEPLOY THIS PUBLICLY OR -Dew.deploy-private TO DEPLOY THIS PRIVATELY


Don't say I didn't try to tell you!!!!?!