Nexus Repo Mgr OSS version 2.14.9-01 doesn't work on VPN using proxy

I have an issue where Nexus OSS cannot connect to repositories such as Maven Central and all others if I am over my Companies VPN. If I am not over VPN nexus can find and download artifacts. If over the VPN nexus cannot locate repositories. Any Ideas or suggestions, … thank you!

1. company uses a proxy script, I tried using the proxy script but I don’t think nexus supports this. it did not work.
   java.net.UnknownHostException: myapps.setpac.ge.com/pac.pac
   org.sonatype.nexus.proxy.RemoteStorageException: Transport error while executing GET method [repositoryId=“central”, requestPath="/.index/nexus-maven-repository-index.properties", remoteUrl=“https://repo1.maven.org/maven2/.index/nexus-maven-repository-index.properties”]

2. I remove the co. proxy script reference and go directly to the corp proxy server, but then I get a PKIX error.,
   javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

is there something I’m missing? what am I doing wrong? What did I miss?

thank you

I notice that there are some plugins missing.

image.png855×372 18.4 KB

For problem #2 have you tried trusting the certificate of the remote in the repository configuration?

https://help.sonatype.com/display/NXRM3/Configuring+SSL#ConfiguringSSL-OutboundSSL-TrustingSSLCertificatesofRemoteRepositories

thanks rseddon I’ll give this a try.

For the plugins showing as missing see here: https://issues.sonatype.org/browse/NEXUS-10981

rseddon,

hey, I don’t have the administrative repository sub menu as described in the doc link. maybe this is my overall problem. Why wouldn’t I have this.
" The administration user interface for repositories and repository groups is available via the Repositories item in the Repository sub menu of the Administration menu."

I missed the fact you were running Nexus Repo 2.x in my original reply. See here:

Rseddon,
thanks so much for helping me. Rseddon, It looks like there is something missing with my Nexus Repo OSS 2.x . the suggested instructions give a SSL tab on the repository. hmmmm, I don’t have such a tab. what did I do wrong? did I miss something during installation ??

image.png834×152 9.08 KB

Rseddon,
I just tried to create another proxy repo to see if the SSL or Truststore option is there and it is not an option when setting up a proxy repo?

The SSL tab only shows up if the URL of the proxy uses https. What is the URL set to in the central proxy?

thanks Rseddon,

https://repo1.maven.org/maven2/

Maven Central - there is no SSL tab

Sorry, I’d forgotten that in Nexus 2.x the SSL UI is a pro only feature, and requires a license. In Nexus 3.x the SSL feature is in both OSS and pro.

You’ll need to use this technique to import the certificate into the truststore of the java running Nexus:

Rseddon

it sounds like it is a licensed feature in 2.x but it comes out of box in 3.x - is this correct? if I upgraded to 3.x OSS would I need a license?

Yes, that’s right, if you upgrade to Nexus Repo 3 you don’t need a license for the SSL feature.

very Kewl. thanks so much Rseddon!!!

hey, just so you know. I performed the import of the proxy cert/ssl and it appears to work

this did the trick!!! thanks!

I will upgrade soon, but the proxy cert import worked.