[
https://jira.codehaus.org/browse/MNG-5363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=312750#comment-312750
]
Johannes Schneider commented on MNG-5363:
-----------------------------------------
This is a major problem.
A lot of guys are deploying to oss.sonatype.org these days.
The problem is well known and documented there:
https://support.sonatype.com/entries/22070546-deploy-fails-with-received-fatal-alert-bad-record-mac
Unfortunately this workaround does *not* work with Maven 3.0.4. Therefore
nobody is able to release multi module projects to oss.sonatype.org reliably.
I think this is a blocker....
> Regression for SSLv3
> --------------------
>
> Key: MNG-5363
> URL: https://jira.codehaus.org/browse/MNG-5363
> Project: Maven 2 & 3
> Issue Type: Bug
> Components: Errors
> Affects Versions: 3.0.4
> Environment: Operation system independent, but tested on Macbook Pro
> with 10.6 and Red Hat Enterprise Linux 6 on a virtual machine.
> Reporter: James Kionka
>
> When attempting to access a Maven repository which uses SSLv3, you get the
> following error, "javax.net.ssl.SSLException: Received fatal alert:
> bad_record_mac".
> Earlier versions of Maven used java.net.URLConnection which respects the
> https.protocols system property. This allowed us to set it to SSLv3, which is
> what our Maven repository uses. However, HttpClient ignores that property. In
> other situations, we programmatically tell HttpClient to use SSLv3, which we
> cannot do from our end.
> You can find another person in the same situation here:
> http://stackoverflow.com/questions/12787657/received-fatal-alert-bad-record-mac-when-deploying-to-sonatype
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
