[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [tycho-user] HTTPS - disable hostname check
|
I haven't tried these with tycho but in other contexts - so they might
work...or not.
Might be enough to add `-Djsse.enableSNIExtension=false` to the jvm used
to launch tycho.
if not, maybe add custom verifier via javaagent:
http://stackoverflow.com/questions/6031258/java-ssl-how-to-disable-hostname-verification
/max
Hi Jan,
thanks for your quick answer!
I found this post as well but it doesn’t help in our case because
the certificate itself is not the problem.
The problem seems to be that nexus is available under domain1 but the
returned certificate is issued for domain2. Both of them are well
trusted and correct in itself but unfortunately the network setup
seems to be messed up somehow (as i said we cannot change that for
now) and the returned certificates are messed up.
Any other ideas? Is it possible to change the HostnameVerifier of the
underlying HttpClient somehow?
Best, Thomas E.-E.
On 28 May 2015, at 17:07, Sievers, Jan <jan.sievers@xxxxxxx> wrote:
google search turns up
http://eclipsesource.com/blogs/2013/04/19/installing-eclipse-plug-ins-from-an-update-site-with-a-self-signed-certificate/
From: tycho-user-bounces@xxxxxxxxxxx
[mailto:tycho-user-bounces@xxxxxxxxxxx] On Behalf Of Thomas
Eichstädt-Engelen
Sent: Donnerstag, 28. Mai 2015 16:49
To: tycho-user@xxxxxxxxxxx
Subject: [tycho-user] HTTPS - disable hostname check
Hi,
i am currently facing the follow problem:
We are building our Eclipse P2 based project using Tycho. Due to
stability reasons we’ve added a Nexus RepoManager into the manager
which proxies all external Repos. When building we get an SSL error
[ERROR] Failed to resolve target definition
/var/lib/jenkins/jobs/openhab2/workspace/targetplatform/openhab.target:
Failed to load p2 metadata repository from location
https://<host1.de>/nexus/content/groups/public-p2/: Unable to read
repository at
https://<host1.de>/nexus/content/groups/public-p2/content.xml.
hostname in certificate didn't match: <host1.de> != <host2.de> OR
<host2.de> OR <host3.de> -> [Help 1]
Using “dig” it turns out that the server is not well
administered. However we can’t change that situation by now so we
have to workaround it. Maven HTTP Wagon provides the “allowAll”
feature (see
http://maven.apache.org/wagon/wagon-providers/wagon-http/) which
simply uses a different HostnameVerifier using the System property
maven.wagon.http.ssl.allowall=true
Is there anything similar to use in tyco builds since tycho doesn’t
seem to work with wagons.
Any help is greatly appreciated.
Best, Thomas E.-E.
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
To change your delivery options, retrieve your password, or
unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/tycho-user
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
To change your delivery options, retrieve your password, or
unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/tycho-user
/max
http://about.me/maxandersen