Open
Description
Apparently, I'm behind corporate proxy and with custom SSL certificates which cannot be verified properly:
--2019-06-04 10:36:48-- https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.0/maven-wrapper-0.4.0.jar
Resolving proxyeu.company.com (proxyeu.company.com)... 69.191.176.39
Connecting to proxyeu.company.com (proxyeu.company.com)|69.191.176.39|:81... connected.
WARNING: cannot verify repo.maven.apache.org's certificate, issued by ‘/C=US/ST=NEW YORK/L=NEW YORK/O=Company/OU=NDIS/CN=Company CLASS 1 SubCA V3’:
Self-signed certificate encountered.
Proxy request sent, awaiting response... 200 OK
Length: 48336 (47K) [application/java-archive]
Saving to: ‘/tmp/lsp-java-install/.mvn/wrapper/maven-wrapper.jar’
0K .......... .......... .......... .......... ....... 100% 583K=0.08s
2019-06-04 10:36:49 (583 KB/s) - ‘/tmp/lsp-java-install/.mvn/wrapper/maven-wrapper.jar’ saved [48336/48336]
Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching repo.maven.apache.org found
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at org.apache.maven.wrapper.DefaultDownloader.downloadInternal(DefaultDownloader.java:73)
at org.apache.maven.wrapper.DefaultDownloader.download(DefaultDownloader.java:60)
at org.apache.maven.wrapper.Installer.createDist(Installer.java:64)
at org.apache.maven.wrapper.WrapperExecutor.execute(WrapperExecutor.java:121)
at org.apache.maven.wrapper.MavenWrapperMain.main(MavenWrapperMain.java:55)
Caused by: java.security.cert.CertificateException: No name matching repo.maven.apache.org found
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:221)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:95)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
... 17 more
Normally, what I do with other tools, I drop SSL certificate verification as there are always options to do so. For Maven, I found out that adding
<mirrors>
...
<mirror>
<id>central-no-ssl</id>
<name>Central without ssl</name>
<url>http://repo.maven.apache.org/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
...
</mirrors>
to ~/.m2/settings.xml should be sufficient. Unfortunately, this does not seem to have any effect on lsp-java-update-server as per above output. Furthermore,
(setq-default lsp-java-configuration-maven-user-settings "~/.m2/settings.xml")
does not help either. Any ideas how to go about it?