ant-ivy-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sven Zethelius <sv...@expedia.com>
Subject RE: Using client authentication (certificates) with Ivy
Date Tue, 06 Sep 2011 14:27:24 GMT
I've found ant to be a bit picky about which options are fed to the VM. Instead of passing
on the command line, try setting environment variable ANT_OPTS, which definitely get passed
to the Ant JVM, which is what runs ivy.

________________________________________
From: Adrian Howchin [adrian.howchin@mincom.com]
Sent: Sunday, September 04, 2011 10:58 PM
To: ivy-user@ant.apache.org
Subject: Using client authentication (certificates) with Ivy

Hi,

I have an Apache HTTPD server setup in between my clients (which do Ivy
retrieves) and my Nexus server. In beautiful ascii art:
Client (ivy) <-->   (Apache HTTPD server) <-->   Nexus server

The HTTPD server requires client authentication via signed certificates
before it will pass the connection on to the Nexus server
(http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#allclients).

I know how to get my browser to work with this setup (simply import a
certificate signed by the CA cert referenced by SSLCACertificateFile
inside the httpd.conf), but I don't know how to get this to work with
Ivy retrieve. I've tried using the "javax.net.ssl.*" options, i.e:

ant -Djavax.net.ssl.keyStore=/tmp/test.jks
-Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=secret
-buildfile myBuildFile.xml

... and:

ant
-Djavax.net.ssl.trustStore=/tmp/test.jks-Djavax.net.ssl.trustStoreType=jks
-Djavax.net.ssl.trustStorePassword=secret -buildfile myBuildFile.xml

.. but neither of these work. I've tried creating a keystore and putting
inside the users' .ssh directory, but no joy. I've also tried simply
copying the signed certificate into the users' .ssh directory, but again
no joy.

Is it possible to use certificates for client authentication with Ivy?
If so, how?

--
Regards,
Adrian Howchin


This transmission is for the intended addressee only and is confidential information. If you
have received this transmission in error, please notify the sender and delete the transmission.
The contents of this e-mail are the opinion of the writer only and are not endorsed by the
Mincom Group of companies unless expressly stated otherwise.
Mime
View raw message