ant-ivy-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicolas Lalevée <nicolas.lale...@hibnet.org>
Subject Re: Using client authentication (certificates) with Ivy
Date Thu, 08 Sep 2011 17:49:04 GMT

Le 5 sept. 2011 à 07:58, Adrian Howchin a écrit :

> Hi,
> 
> I have an Apache HTTPD server setup in between my clients (which do Ivy
> retrieves) and my Nexus server. In beautiful ascii art:
> Client (ivy) <-->   (Apache HTTPD server) <-->   Nexus server
> 
> The HTTPD server requires client authentication via signed certificates
> before it will pass the connection on to the Nexus server
> (http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#allclients).
> 
> I know how to get my browser to work with this setup (simply import a
> certificate signed by the CA cert referenced by SSLCACertificateFile
> inside the httpd.conf), but I don't know how to get this to work with
> Ivy retrieve. I've tried using the "javax.net.ssl.*" options, i.e:
> 
> ant -Djavax.net.ssl.keyStore=/tmp/test.jks
> -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=secret
> -buildfile myBuildFile.xml
> 
> ... and:
> 
> ant
> -Djavax.net.ssl.trustStore=/tmp/test.jks-Djavax.net.ssl.trustStoreType=jks
> -Djavax.net.ssl.trustStorePassword=secret -buildfile myBuildFile.xml

Here, with -D... on ant's command line, you are setting ant properties, not system property
of the JVM. So set JVM properties you must use the environment property ANT_OPTS.
export ANT_OPTS="-Djavax.net.ssl.keyStore=/tmp/test.jks -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=secret"
ant -buildfile myBuildFile.xml

and you should be good with that.

Nicolas


Mime
View raw message