I'm new to Maven and Spring.
The project runs in my local test environment, but not on the deployed system. On deployed system: I got a fresh installed Ubuntu with OpenSDK 10.0.1, Maven 3.5.2 I'm behind a different firewall and have a different keyStore and trustStore.
Maven spits out:
Non-resolvable parent POM for org.
[%mything%].app:useraut:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:1.5.9.RELEASE from/to central (https://repo.maven.apache.org/maven2): java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty and 'parent.relativePath' points at no local POM @ line 14, column 10 -> [Help 2]
pom snipet:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.9.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
(no proxy defined)
It seems I can find ideas for the solution: Error - trustAnchors parameter must be non-empty But I have no clue where to begin configuring Spring, Maven or trustStore
According to what I found out there is a weakness in the distribution package on Ubuntu Linux for OpenJDK Java 9 and above. So installing default-jdk may break things.
Citation from: (https://bugs.launchpad.net/ubuntu/+source/openjdk-lts/+bug/1768799) + additional certificate updates.
Note that re-installing default-jdk is optional and openjdk-8 could be continually to be used.
Workaround: remove default-jdk, install openjdk-8, remove openjdk-8 and reinstall default-jdk:
sudo apt purge openjdk-default java-common
sudo apt purge default-jdk java-common
sudo dpkg --purge --force-depends ca-certificates-java
sudo apt install openjdk-8-jre
sudo apt-get install ca-certificates-java
sudo apt purge openjdk-8-jre
sudo apt install default-jdk
After this i also found out that the version of Spring I was using didn't run well on Java 10.0.1 so back to Java 8.x for that purpose.
Basically it is about ca-certificates-java. It is even more frustrating when you obtain the JDK outside linux distro repositories.
Here I got the clue from: http://rabexc.org/posts/certificates-not-working-java
I modified the bash script in the comment
CACERTS="/home/user/cacerts"
cd /etc/ssl/certs
for file in *.pem; do
echo "Importing $file..."
openssl x509 -outform der -in "$file" -out /tmp/certificate.der
keytool -import -alias "$file" -keystore $CACERTS \
-file /tmp/certificate.der -deststorepass changeit -noprompt
done
Modify the the first line to suit yourself. I run it on debian, for other system you might need to change the second line as well.
Then I copy the "cacerts" file into JDK which lies on $JAVA_HOME/jre/lib/security/cacerts
来源:https://stackoverflow.com/questions/50571685/maven-trustanchors-parameter-must-be-non-empty-and-parent-relativepath-inva