After 2018/06/18, when I try to do mvn clean package in Java7 environment, it fails because it cannot communicate with Maven Central Repository.
For example, this is the environment. (It was a Java7 Windows Server 2008 R2 environment. Old ...)
> mvn --version
Apache Maven 3.6.0 (97c98ec64a1fdfee7767ce5ffb20918da4f719f3; 2018-10-25T03:41:47+09:00)
Maven home: C:\apache-maven-3.6.0\bin\..
Java version: 1.7.0_75, vendor: Oracle Corporation, runtime: C:\Program Files (x86)\xxxxxx\jdk\jre
Default locale: ja_JP, platform encoding: MS932
OS name: "windows server 2008 r2", version: "6.1", arch: "x86", family: "windows"
He went to the Maven Central Repository to get the required maven plugin maven-clean-plugin: 2.5, but he died with an error with [ERROR] ... Received fatal alert: protocol_version. I'm sorry.
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.805 s
[INFO] Finished at: 2018-12-14T11:46:23+09:00
[INFO] ------------------------------------------------------------------------
[ERROR] Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5: Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to central (https://repo.maven.apache.org/maven2): Received fatal alert: protocol_version -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginResolutionException
The Received fatal alert: protocol_version here means ** "You have accessed with TLSv1.0, but we only support TLSv1.2" **.
From 2018/06/18, it seems that TLSv1.0 and TLSv1.1 have been changed without support.
Java7 supports the encryption protocols TLSv1.0, TLSV1.1, and TLSv1.2 as standard. Although supported, ** Java7 defaults to TLSv1.0 **.
So unless you explicitly specify it in the JVM settings or source code, Java7 will use TLSv1.0.
Since it depends on the specifications of the http client library used by the Java application, it cannot be said that Java7-> default TLSv1.0. Caution.
The straightforward method is this. Add -Dhttps.protocols = TLSv1.2 to the JVM startup options.
mvn -Dhttps.protocols=TLSv1.2 clean
In case of Windows, the mvn command is a batch file, so you can directly rewrite it ** (= black magic) **.
#The path of ↓ is, for example. Please read as the place where you placed it yourself.
C:\apache-maven-3.6.0\bin\mvn.cmd
There is a place where the java command is executed, so add the JVM option there.
"%JAVACMD%" ^
%JVM_CONFIG_MAVEN_PROPS% ^
%MAVEN_OPTS% ^
%MAVEN_DEBUG_OPTS% ^
-classpath %CLASSWORLDS_JAR% ^
"-Dclassworlds.conf=%MAVEN_HOME%\bin\m2.conf" ^
"-Dmaven.home=%MAVEN_HOME%" ^
"-Dlibrary.jansi.path=%MAVEN_HOME%\lib\jansi-native" ^
"-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
+ "-Dhttps.protocols=TLSv1.2" ^
%CLASSWORLDS_LAUNCHER% %MAVEN_CMD_LINE_ARGS%
Recommended Posts