Working with self-hosted Maven central repository

Ignore server SSL certificate validity check:

mvn -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true


If you wish to add this setting globally, add an alias to mvn command:

In Linux (Ubuntu), edit ~/.bashrc and add the following line in the bottom of the file.

alias mvn="mvn -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"

Now, put this change into effect immediately.

source ~/.bashrc

Now, whenever you execute a mvn command, it always substitutes the command with mvn -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true, which will always ignore the SSL certificate check.

What do these params mean?

  • -Dmaven.wagon.http.ssl.insecure=true – enable use of relaxed SSL check for user generated certificates.
  • -Dmaven.wagon.http.ssl.allowall=true – enable match of the server’s X.509 certificate with hostname. If disabled, a browser like check will be used.
  • -Dmaven.wagon.http.ssl.ignore.validity.dates=true – ignore issues with certificate dates.


Official documentation can be found here.

NOTE: The above method was purely intended for developers who constantly keep changing their machines and don’t wish to setup the SSL certificate in every machine. This is for those of you who are lazy! 🙂

Right way of setting up SSL certificates:

Get the valid SSL certificate file from certificate distributor/admin and place it in your machine.

Import the certificate into your Java environment:

keytool -import -keystore /path/to/java_home/lib/security/cacerts -alias mavenrepo -file /path/to/cer/file

You’re now good to go.

NOTE: Now this is a sane method of setting up SSL certificate check for your self-hosted Maven repository