How to Resolve 'SunCertPathBuilderException' Errors When Using Maven Behind a Proxy?

SSL Certificate and Maven Proxy Issues

When using Maven behind a proxy, you may encounter issues with SSL certificates. The error you described, "SunCertPathBuilderException: unable to find valid certification path to requested target," typically indicates that Maven cannot verify the authenticity of the HTTPS-based Maven repository, https://repo.maven.apache.org/maven2.

Despite having correctly configured proxy settings through the settings.xml file, a problem with the proxy may still be preventing Maven from securely connecting to the central Maven repository.

Here's a step-by-step solution that may resolve this issue:

1. Obtain the SSL Certificate:

   • Visit the HTTPS-based Maven repository (https://repo.maven.apache.org/maven2) in a web browser.
   • Find the lock icon in the browser's address bar and click on it.
   • Choose "View Certificate."
   • Navigate to the "Details" tab and select "Save to File."
   • Save the certificate in Base 64 X.509 (.CER) format to a designated location.

2. Import the SSL Certificate:

   • Open a command prompt or terminal and execute the following command, replacing '' with the location where you saved the certificate:

   keytool -import -file <path-to-cert> -keystore <path-to-keystore>

   • Replace '' with the desired location of the keystore (e.g., C:tempmavenKeystore).

3. Configure Maven to Use the Keystore:

   • Run the following Maven command with the -Djavax.net.ssl.trustStore parameter to specify the location of the keystore:

   mvn archetype:generate -DgroupId=com.mycompany.app -DartifactId=my-app -DarchetypeArtifactId=maven-archetype-quickstart -DinteractiveMode=false -Djavax.net.ssl.trustStore=<path-to-keystore>

   • Replace with the full path to the keystore (e.g., C:tempmavenKeystore for Windows). For Linux/macOS, use absolute paths (e.g., /tmp/mavenKeystore).

4. Optional: Permanent Solution (MAVEN_OPTS)

   • You can avoid having to specify the keystore location每次, you can set the MAVEN_OPTS environment variable:

   export MAVEN_OPTS=-Djavax.net.ssl.trustStore=<path-to-keystore>

   • For Windows, replace export with set.

By following these steps, you can import the SSL certificate and configure Maven to use the keystore, allowing you to establish a secure connection to the Maven repository and avoid the SSL certificate-related error.

The above is the detailed content of How to Resolve 'SunCertPathBuilderException' Errors When Using Maven Behind a Proxy?. For more information, please follow other related articles on the PHP Chinese website!