Maven 错误:(重复)java.security.InvalidAlgorithmParameterException:trustAnchors 参数必须为非空
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/39788295/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Maven Error: (repeated) java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
提问by Ulrich
Have to ask again. Someone thought it was a duplicate questionand already answered and removed it from the list.
还得再问。有人认为这是一个重复的问题,已经回答并将其从列表中删除。
I'm using maven (mvn) batch command with windows (not m2e with eclipse) to run clean install or resolve dependencies. Sometimes, when pom.xml was changed, it is necessary to download artifacts from our nexus server. This used to work for long time for me.
我正在使用带有 Windows 的 maven (mvn) 批处理命令(不是带有 Eclipse 的 m2e)来运行全新安装或解决依赖项。有时,当 pom.xml 更改时,有必要从我们的 nexus 服务器下载工件。这曾经对我来说有效了很长时间。
But now the connection to the nexus server (https, the server uses a company owned certificate) fails with "java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty" I know, I changed the Java release. But I'm pretty sure I maintained the cacerts keystore the same way I did with the previous releases. (at leased I compared the fingerprints in both of the cacerts; they are the same).
但是现在与 nexus 服务器(https,服务器使用公司拥有的证书)的连接失败,并显示“ java.security.InvalidAlgorithmParameterException: the trustAnchors 参数必须为非空”我知道,我更改了 Java 版本。但我很确定我维护 cacerts 密钥库的方式与之前版本相同。(至少我比较了两个 cacerts 中的指纹;它们是相同的)。
When running the command "mvn -s -Djavax.net.debug=all -Djava.net.ssl.trustStore="C:/Programme/Java/jre1.8.0_102/lib/security/cacerts" -Djavax.net.ssl.trustStorePassword=changeit dependency:resolve", the ssl-trace says:
当运行命令“ mvn -s -Djavax.net.debug=all -Djava.net.ssl.trustStore="C:/Programme/Java/jre1.8.0_102/lib/security/cacerts" -Djavax.net.ssl .trustStorePassword=changeit dependency:resolve",ssl-trace 说:
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: No File Available, using empty keystore.
trustStore type is : jks
trustStore provider is :
init truststore
Even if specifying the path and the password of the keystore in the command, the answer in the ssl trace is that it could not be found.
即使在命令中指定了keystore的路径和密码,ssl trace中的答案也是找不到。
I've no idea what I might have changed to get to this trouble. I changed the Windows PATH-Statement, but this should not matter fro the previously described command. Any hint is appreciated
我不知道我可能会改变什么来解决这个问题。我更改了 Windows PATH-Statement,但这与前面描述的命令无关。任何提示表示赞赏
回答by Jo?o Rodrigues
I had the same issue and it took me a day to solve it. This a java related issue as you may see in the error stack. Check in:
我遇到了同样的问题,我花了一天时间才解决。正如您在错误堆栈中看到的那样,这是一个与 Java 相关的问题。报到:
/etc/ssl/certs/javafor the cacertsfile.
1) If you don't have this file here that is the reason why your getting this error
2) If you do have this file here it means that this is probably not a valid cacerts file.
/etc/ssl/certs/java用于cacerts文件。
1) 如果您在此处没有此文件,这就是您收到此错误的原因
2) 如果您在此处有此文件,则意味着这可能不是有效的 cacerts 文件。
If you want you can update it with:
sudo apt-get install --reinstall ca-certificates
And if it works now, then perfect (in my case it did not work)
如果你愿意,你可以更新它:
sudo apt-get install --reinstall ca-certificates
如果它现在可以工作,那么完美(在我的情况下它没有工作)
So to solve this:
所以要解决这个问题:
- Download from open-jdk8 (in my case) directly from oracle
- Extract the tar.gz files
- Find the new valid cacertsfile under jre/lib/security
- Copy this file to /etc/ssl/certs/java(removing the old one if that is your case)
- 直接从 oracle 从 open-jdk8(在我的情况下)下载
- 解压 tar.gz 文件
- 在jre/lib/security下找到新的有效cacerts文件
- 将此文件复制到/etc/ssl/certs/java(如果是这种情况,请删除旧的)
Finally run the comand that caused you this error and hopefully its gone! Hope this helped.
最后运行导致您出现此错误的命令,希望它消失了!希望这有帮助。
Cheers
干杯
回答by Ulrich
Today I found the reason:
今天我找到了原因:
Way back in history I once had set the WINDOWS environment variable MAVEN_OPTS by "setx MAVEN_OPTS "-Djavax.net.ssl.trustStore....".
回顾历史,我曾经通过“setx MAVEN_OPTS”-Djavax.net.ssl.trustStore....”设置了WINDOWS环境变量MAVEN_OPTS。
The path specified here does no longer exist.
此处指定的路径不再存在。
It seems this setting supersedes even the request showed in my question. I consider this behaviour to be at least unexpected but anyway. When I fixed the environment variable (pointing to the new path; but I'm going to delete it anyway) the mvn-requests worked fine.
似乎此设置甚至取代了我的问题中显示的请求。我认为这种行为至少是出乎意料的,但无论如何。当我修复环境变量(指向新路径;但无论如何我都会删除它)时,mvn-requests 工作正常。
回答by JorB
The fact that the invalid parameter in the environment was not overruled with the trustStore setting on the commandline, was probably due to the fact that there is a typoin your commandline. It says:
环境中的无效参数没有被命令行上的 trustStore 设置否决这一事实,可能是由于您的命令行中存在拼写错误。它说:
-Djava.net.ssl.trustStore=...
But this should have been:
但这应该是:
-Djavax.net.ssl.trustStore=...
回答by Mariano LEANCE
I manage manually my jdk and was getting this error with openjdk-8. I replaced the cacerts with the one of the openjdk-11 and it worked just fine. If you try this, make sure to backup your cacerts first.
我手动管理我的 jdk 并且在使用 openjdk-8 时遇到此错误。我用 openjdk-11 中的一个替换了 cacerts,它工作得很好。如果您尝试此操作,请确保先备份您的 cacerts。
回答by wjxiz
a more ez way to fix this problem: 1.go to download Corretto OpenJDK published by Amazon 2.install it according to its guide. 3.set to use this Java DK.
解决此问题的更多方法: 1. 去下载由亚马逊发布的 Corretto OpenJDK 2. 根据其指南安装它。3.设置使用这个Java DK。
problem fixed in my Ubuntu 18.
在我的 Ubuntu 18 中修复了问题。
