archiva-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert von Burg <ei...@eitchnet.ch>
Subject Archiva as Maven Central Proxy: Checksum validation failed, expected
Date Sat, 12 Dec 2015 09:19:05 GMT
Hello Archiva Developers

I'm trying to use Archiva as a Proxy to Maven Central and as my own
repository for snapshots and releases.

My instance is configured with the following:
- default remote repository to maven central
- a managed repository mirror
- proxy connection from mirror to central
- two additional managed repositories internal and snapshots for my projects

I have then configured my local maven installation to use this
repository and i see a lot of these checksum validation failed issues:

[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ ch.eitchnet.parent ---
Downloading: https://archive.eitchnet.ch/repository/mirror/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.pom
Downloaded: https://archive.eitchnet.ch/repository/mirror/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.pom
(2 KB at 40.6 KB/sec)
Downloading: https://archive.eitchnet.ch/repository/mirror/org/apache/maven/maven/2.0.6/maven-2.0.6.pom
[WARNING] Checksum validation failed, expected <!-- but is
1991be0ed3e1820e135201406d5acabf8c08d426 for
https://archive.eitchnet.ch/repository/mirror/org/apache/maven/maven/2.0.6/maven-2.0.6.pom
[WARNING] Could not validate integrity of download from
https://archive.eitchnet.ch/repository/mirror/org/apache/maven/maven/2.0.6/maven-2.0.6.pom:
Checksum validation failed, expected <!-- but is
1991be0ed3e1820e135201406d5acabf8c08d426
[WARNING] Checksum validation failed, expected <!-- but is
1991be0ed3e1820e135201406d5acabf8c08d426 for
https://archive.eitchnet.ch/repository/mirror/org/apache/maven/maven/2.0.6/maven-2.0.6.pom

Maybe it is of use, but as you can see, my archiva is secure by TLS.

If i go directly over maven central, then i don't have these issues.
Further i've tried different combinations like having the maven
central in a group. Using maven central in a group just makes it
insane slow, but still the same validation errors.

If i manually download the respective SHA1 hash file then i see the
expected hash, so i don't see how maven can suddenly think the value
should start with "<!--"

Has anyone ever seen this? Can anyone help me?

Kind regards
-- 
Robert von Burg <eitch@eitchnet.ch>
dipl. Informatiker in Softwareentwicklung HF / pBac-Eng ODEC
software development
system & network administration

https://www.eitchnet.ch
https://wiki.gsinet.ch

Mime
View raw message