Maven:尽管settings.xml拥有配置了HTTPS的存储库，但未能检索插件描述符和对等端未通过身份验证的错误

Question

我有带有Maven 3.0.5设置的Java 8 (这是针对特定项目的，不会修改堆栈版本)。

我知道Apache的新决定，强制所有Maven存储库只使用HTTPS，否则Maven客户端将无法与存储库服务器对话。

似乎我已经在~/.m2/settings.xml中配置了所有必要的设置，但是由于某种原因，当我在任何构建阶段(比如mvn clean)时，Maven默认为HTTP，并且不关心settings.xml --它仍然尝试用HTTP协议下载引用/依赖项。

我的settings.xml示例(为了简单起见，我删除了特定于项目的内容，只留下了与问题相关的内容)：

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                    https://maven.apache.org/xsd/settings-1.0.0.xsd">
<repositories>
  <repository>
    <id>central</id>
    <url>https://repo1.maven.org/maven2/</url>
  </repository>

  <repository>
    <id>central</id>
    <url>https://repo.maven.apache.org/maven2/</url>
  </repository>
</repositories>

下面是我在执行mvn archetype:generate时所得到的信息，这只是为了测试Maven的行为(对于任何试图到达服务器的其他命令来说，问题都是持久的)：

[INFO] Scanning for projects... 

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-clean-plugin:2.5: Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-install-plugin/2.3/maven-install-plugin-2.3.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-install-plugin:2.3: Plugin org.apache.maven.plugins:maven-install-plugin:2.3 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-install-plugin:jar:2.3

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-deploy-plugin/2.7/maven-deploy-plugin-2.7.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-deploy-plugin:2.7: Plugin org.apache.maven.plugins:maven-deploy-plugin:2.7 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-deploy-plugin:jar:2.7

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-site-plugin/3.0/maven-site-plugin-3.0.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-site-plugin:3.0: Plugin org.apache.maven.plugins:maven-site-plugin:3.0 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-site-plugin:jar:3.0

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-antrun-plugin/1.3/maven-antrun-plugin-1.3.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-antrun-plugin:1.3: Plugin org.apache.maven.plugins:maven-antrun-plugin:1.3 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-antrun-plugin:jar:1.3

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-assembly-plugin/2.2-beta-5/maven-assembly-plugin-2.2-beta-5.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-assembly-plugin:2.2-beta-5: Plugin org.apache.maven.plugins:maven-assembly-plugin:2.2-beta-5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-assembly-plugin:jar:2.2-beta-5

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-dependency-plugin/2.1/maven-dependency-plugin-2.1.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-dependency-plugin:2.1: Plugin org.apache.maven.plugins:maven-dependency-plugin:2.1 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-dependency-plugin:jar:2.1

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-release-plugin/2.0/maven-release-plugin-2.0.pom
[WARNING] Failed to retrieve plugin descriptor for org.apache.maven.plugins:maven-release-plugin:2.0: Plugin org.apache.maven.plugins:maven-release-plugin:2.0 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-release-plugin:jar:2.0

Downloading: http://repo.maven.apache.org/maven2/org/codehaus/mojo/maven-metadata.xml

Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-metadata.xml

[WARNING] Could not transfer metadata org.apache.maven.plugins/maven-metadata.xml from/to central (http://repo.maven.apache.org/maven2): Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-metadata.xml. Return code is: 501 , ReasonPhrase:HTTPS Required.

[WARNING] Could not transfer metadata org.codehaus.mojo/maven-metadata.xml from/to central (http://repo.maven.apache.org/maven2): Failed to transfer file: http://repo.maven.apache.org/maven2/org/codehaus/mojo/maven-metadata.xml. Return code is: 501 , ReasonPhrase:HTTPS Required.

[WARNING] Failure to transfer org.apache.maven.plugins/maven-metadata.xml from http://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced.

Original error: Could not transfer metadata org.apache.maven.plugins/maven-metadata.xml from/to central (http://repo.maven.apache.org/maven2): Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-metadata.xml. Return code is: 501 , ReasonPhrase:HTTPS Required.

[WARNING] Failure to transfer org.codehaus.mojo/maven-metadata.xml from http://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced.

Original error: Could not transfer metadata org.codehaus.mojo/maven-metadata.xml from/to central (http://repo.maven.apache.org/maven2): Failed to transfer file: http://repo.maven.apache.org/maven2/org/codehaus/mojo/maven-metadata.xml. Return code is: 501 , ReasonPhrase:HTTPS Required.

怎么办？正如您所看到的，它仍然使用HTTP，而我相应地获得HTTP 501。

Answer 1

有两个问题：

问题1:

[WARNING] Failed to retrieve plugin descriptor for .. (whatever plugin name)警告几乎在任何构建阶段，这表明(important>)检索插件描述符或其依赖项(这意味着插件，而不是项目依赖！)不会成功。

在这里，Maven试图通过HTTP ()与端点计算机(存储库)进行通信，尽管事实上(！)已经定制了配置.m2\settings.xml文件，而且所有存储库定义条目都分别使用HTTPS，似乎Maven应该尝试通过HTTPS ..but no进行一切操作，它使用HTTP进行插件，与Maven存储库的任何HTTP通信都是自2020年1月15日起被禁。

我解决这一问题的方式是将<profiles/>和<pluginRepositories/>定义为@carlspring建议，并将其配置为@carlspring建议，但我必须对这个答案进行详细阐述和扩展。

下面是我准备好的settings.xml示例：(请注意，为了安全起见，我在配置文件和存储库中都提供了替代存储库)

<settings
        xmlns="http://maven.apache.org/SETTINGS/1.0.0"                                                                                                                                     $    xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
        https://maven.apache.org/xsd/settings-1.0.0.xsd">

    <profiles>
        <profile>
            <id>ssl-profile</id>
            <activation>
                <activeByDefault>true</activeByDefault>
            </activation>

            <repositories>
                <repository>
                    <id>central-1</id>
                    <url>https://repo1.maven.org/maven2</url>
                    <snapshots>
                        <enabled>false</enabled>
                    </snapshots>
                </repository>
            </repositories>
            
            <pluginRepositories>
                <pluginRepository>
                    <id>central-2</id>
                    <url>https://repo1.maven.org/maven2</url>
                    <snapshots>
                        <enabled>false</enabled>
                    </snapshots>
                </pluginRepository>
            </pluginRepositories>
        </profile>

        <repositories>
            <repository>
                <id>central1</id>
                <url>https://repo1.maven.org/maven2/</url>
            </repository>
            <repository>
                <id>central2</id>
                <url>https://repo.maven.apache.org/maven2/</url>
            </repository>
        </repositories>
    </profiles>
</settings>

在这个问题被解决后，最后Maven试图通过HTTPS连接到所有的存储库，然后我又得到了另一个，

问题2:

peer not authenticated接Return code is: 501 , ReasonPhrase:HTTPS Required.

这有点棘手，但是解决这个问题的方法是使用信任库cacerts文件。

首先，检查是否有信任存储文件cacerts，以及它是否为空。它必须是而不是是空的，这是非常重要的。

看起来，在OpenJDK 11和其他一些用于Windows系统的构建中，cacerts文件要么丢失，要么存在，但却是空的；然而，据我观察，它存在于Oracle JDK构建中。

• 在Windows构建上，它应该在%JAVA_HOME%\lib\security\下；
• 在Linux上，它可能会有所不同(取决于Linux发行版和您的设置)，但在我的例子中，它是在/etc/ssl/certs下(我认为这是Linux的证书文件夹，而不是的一个)。

如果您看到，cacerts文件要么不存在，要么是空的(只需检查文件大小，它应该大于几位)，您可以：

• 简单地从其他JDK/JRE构建中复制粘贴现有的cacerts文件；
• 生成一个cacerts信任存储文件并向其添加证书。在这种情况下，您将需要添加尽可能多的证书，因此，也许只使用复制粘贴变体会更容易。

我希望这能帮到你。

Answer 2

在您的示例中，它似乎适用于依赖项，但不适用于插件。您需要定义一个<profile>，它是activeByDefault，包含快照和发行版的<pluginRepositories/>部分。

Maven有两种类型的存储库：

• 对于依赖项
• 用于插件

<mirrorOf>部分只处理依赖库。

Answer 3

我建议走以下道路：

<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">

  <mirrors>
    <mirror>
      <id>central</id>
      <name>central</name>
      <url>https://repo1.maven.org/maven2/</url>
      <mirrorOf>*</mirrorOf>
    </mirror>
  </mirrors>

</settings>

这将通过上述URL重定向所有请求。如果在公司环境中有一个存储库管理器，最好使用这个管理器，让回购管理器处理https内容。

另外，Maven升级到最新版本3.6.3，我想您不是在使用我强烈建议升级的插件的最新版本，这方面已经有了很多改进。