SoFunction
Updated on 2025-04-06

SSL certificate verification problems when importing Maven dependencies in IDEA, and how to deal with them

Maven dependency import problem

I encountered this problem before when working on a project. When adding dependencies to the pom file, the following error appears:

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This is because Maven verifies the remote repository's security certificate when it downloads a dependency jar. Since the certificate has not been added to the local JDK, the verification fails and the dependency cannot be imported.

Solution

1. Manually download dependencies

This is how I solved this problem when I first encountered it. Now I think it is a very laborious solution.

Download whatever dependencies are needed into the local Maven repository by yourself.

For reasons that cannot be described, domestic developers cannot access foreign Maven repositories, so they need to use the Maven repository provided by Aliyun. The URL is attached here: /mvn/view

2. Ignore SSL certificate verification

Since we don’t have a certificate, we will just ignore the certificate verification.

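In IDEA, open File->Settings->Build, Execution, Deployment->Build Tools->Runner->VM Options and enter the options in the input box so that verification of the SSL certificate is ignored when Maven runs.

The mvn options are:

-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true

The first relaxes the certificate check so that self-issued certificates are accepted, and the second turns off matching of the certificate against the host name. With both set, the connection no longer authenticates the repository it downloads from.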

3. Generate and import SSL certificates

If we don't have a certificate and don't want to ignore verification, then we can generate an SSL certificate ourselves.

3.1

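import javax.net.ssl.*;
import java.io.*;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class InstallCert {

    public static void main(String[] args) throws Exception {
        String host;
        int port;
        char[] passphrase;
        // Arguments: <host>[:port] [keystore passphrase]
        if ((args.length == 1) || (args.length == 2)) {
            String[] c = args[0].split(":");
            host = c[0];
            port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
            String p = (args.length == 1) ? "changeit" : args[1];
            passphrase = p.toCharArray();
        } else {
            System.out.println("Usage: java InstallCert <host>[:port] [passphrase]");
            return;
        }

        // Start from ./jssecacerts if present, otherwise from the JDK's
        // jssecacerts or cacerts under <java.home>/lib/security.
        File file = new File("jssecacerts");
        if (!file.isFile()) {
            char SEP = File.separatorChar;
            File dir = new File(System.getProperty("java.home") + SEP + "lib"
                    + SEP + "security");
            file = new File(dir, "jssecacerts");
            if (!file.isFile()) {
                file = new File(dir, "cacerts");
            }
        }
        System.out.println("Loading KeyStore " + file + "...");
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(file)) {
            ks.load(in, passphrase);
        }

        // Wrap the default trust manager so the server's chain is recorded
        // even when validation fails.
        SSLContext context = SSLContext.getInstance("TLS");
        TrustManagerFactory tmf = TrustManagerFactory
                .getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        X509TrustManager defaultTrustManager = (X509TrustManager) tmf
                .getTrustManagers()[0];
        SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
        context.init(null, new TrustManager[]{tm}, null);
        SSLSocketFactory factory = context.getSocketFactory();

        System.out.println("Opening connection to " + host + ":" + port + "...");
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.setSoTimeout(10000);
        try {
            System.out.println("Starting SSL handshake...");
            socket.startHandshake();
            socket.close();
            System.out.println();
            System.out.println("No errors, certificate is already trusted");
        } catch (SSLException e) {
            System.out.println();
            e.printStackTrace(System.out);
        }

        X509Certificate[] chain = tm.chain;
        if (chain == null) {
            System.out.println("Could not obtain server certificate chain");
            return;
        }

        BufferedReader reader = new BufferedReader(new InputStreamReader(
                System.in));

        // Show every certificate the server sent, with its fingerprints.
        System.out.println();
        System.out.println("Server sent " + chain.length + " certificate(s):");
        System.out.println();
        MessageDigest sha1 = MessageDigest.getInstance("SHA1");
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        for (int i = 0; i < chain.length; i++) {
            X509Certificate cert = chain[i];
            System.out.println(" " + (i + 1) + " Subject "
                    + cert.getSubjectDN());
            System.out.println("   Issuer  " + cert.getIssuerDN());
            sha1.update(cert.getEncoded());
            System.out.println("   sha1    " + toHexString(sha1.digest()));
            md5.update(cert.getEncoded());
            System.out.println("   md5     " + toHexString(md5.digest()));
            System.out.println();
        }

        System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
        String line = reader.readLine().trim();
        int k;
        try {
            k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
        } catch (NumberFormatException e) {
            System.out.println("KeyStore not changed");
            return;
        }
        // Reject a number that does not refer to a certificate in the chain.
        if (k < 0 || k >= chain.length) {
            System.out.println("KeyStore not changed");
            return;
        }

        // Add the chosen certificate and write the result to ./jssecacerts.
        X509Certificate cert = chain[k];
        String alias = host + "-" + (k + 1);
        ks.setCertificateEntry(alias, cert);

        try (OutputStream out = new FileOutputStream("jssecacerts")) {
            ks.store(out, passphrase);
        }

        System.out.println();
        System.out.println(cert);
        System.out.println();
        System.out.println("Added certificate to keystore 'jssecacerts' using alias '"
                + alias + "'");
    }

    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    // Format bytes as space-separated lowercase hex pairs.
    private static String toHexString(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 3);
        for (int b : bytes) {
            b &= 0xff;
            sb.append(HEXDIGITS[b >> 4]);
            sb.append(HEXDIGITS[b & 15]);
            sb.append(' ');
        }
        return sb.toString();
    }

    // Delegates validation to the default trust manager and keeps a
    // reference to the chain the server presented.
    private static class SavingTrustManager implements X509TrustManager {

        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager tm) {
            this.tm = tm;
        }

        public X509Certificate[] getAcceptedIssuers() {
            // Return an empty array instead of throwing: Java 7 and later
            // call this method during the handshake.
            return new X509Certificate[0];
        }

        public void checkClientTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
            throw new UnsupportedOperationException();
        }

        public void checkServerTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
            this.chain = chain;
            tm.checkServerTrusted(chain, authType);
        }
    }

}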

Create a new InstallCert class to run the certificate generation code. Note that before execution you need to set the main parameter, which is the Maven address, such as "/nexus/content/groups/public".

You need to confirm while the program is running; just enter 1. After execution is completed, the jssecacerts certificate file is generated in the same directory as the program, and the next step is to import the certificate.

PS: If you do not want to set the main parameter, you can define a String[] str variable, assign it the URL of the Maven repository, and then change args in the code to str.

The certificate generation code is the InstallCert class listed above.

3.2 Put the generated certificate file under the path JAVA_HOME/jre/lib/security. Everyone's JAVA_HOME is different, so use the path on your own machine, and finally restart the system.
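
An alternative to both ignoring verification (option 2) and confirming with "1" in InstallCert (option 3), added here as an example that is not part of the original article: import the repository certificate only when its SHA-256 fingerprint matches a value obtained out of band, and keep it in a dedicated trust store that is passed to Maven through MAVEN_OPTS. The function names, the trust store path and the alias are hypothetical, and it is assumed that the repository operator can supply the certificate (PEM) and its fingerprint.

```shell
#!/bin/sh
# Added example; function names, paths and the alias are hypothetical.

# SHA-256 fingerprint (lowercase hex) of the first certificate in a PEM file.
# A fingerprint is the hash of the DER bytes, i.e. of the decoded base64 body.
cert_sha256() {
    sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' "$1" |
        sed '/-----END CERTIFICATE-----/q' | grep -v '^-----' |
        base64 -d | sha256sum | cut -d' ' -f1
}

# Accept "AB:CD:..." or "abcd..." and normalise to lowercase hex without colons.
norm_fp() { printf '%s' "$1" | tr -d ': \n' | tr 'A-F' 'a-f'; }

# Succeed only when the certificate hashes to the expected fingerprint.
fingerprint_matches() {
    [ "$(cert_sha256 "$1")" = "$(norm_fp "$2")" ]
}

# Import into a dedicated trust store, leaving the JDK's own cacerts untouched.
# Arguments: cert.pem expected-fingerprint truststore storepass alias
import_if_pinned() {
    if ! fingerprint_matches "$1" "$2"; then
        echo "fingerprint mismatch: $(cert_sha256 "$1"), not importing" >&2
        return 1
    fi
    keytool -importcert -noprompt -alias "$5" -file "$1" \
        -keystore "$3" -storetype PKCS12 -storepass "$4"
}

# Typical use (values are placeholders):
#   import_if_pinned repo.pem "<fingerprint from the repository operator>" \
#       "$HOME/.m2/repo-truststore.p12" "<store password>" internal-repo
#   MAVEN_OPTS="-Djavax.net.ssl.trustStore=$HOME/.m2/repo-truststore.p12 \
#     -Djavax.net.ssl.trustStorePassword=<store password>" mvn clean install
```

Because javax.net.ssl.trustStore replaces the JVM's default trust store, the dedicated store must also contain the CA certificates for any other HTTPS repository the build uses.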

Summary

The above is my personal experience. I hope it can serve as a reference, and I hope you will support me more.