Pushing to Harbor which requires a ca cert

[MiellyEllen]

Is this a request for help?: YES

Is this a BUG REPORT or FEATURE REQUEST? (choose one): FEATURE REQUEST

Environment (plugin version, maven version, OS, ...): Any

What happened: mvn plugin does not support pushing image to Harbor with ca cert

What you expected to happen: would like an option to push and provide a path to a ca cert file

How to reproduce it (as minimally and precisely as possible): N/A

Anything else we need to know: Does anyone know of an existing helm mvn plugin that already supports this?

[edrandall]

cacerts file is in JAVA_HOME/[jre]/lib/security/cacerts You could either:

1. Update that cacerts file with your server's cert, using keytool -importcert
2. Create an alternate cacerts file and -Djavax.net.ssl.trustStore=/path/to/alternate/cacerts

For testing - look at SSLPoke - https://confluence.atlassian.com/kb/unable-to-connect-to-ssl-services-due-to-pkix-path-building-failed-779355358.html

To save a copy of a certificate from a server, use openssl:

openssl s_client -showcerts -connect servername:port | openssl x509 -out certfile.pem

To update an existing cacerts keystore file:

keytool -importcert -trustcacerts -alias servername -file certfile.pem -keystore cacerts 
password: changeit (this is the default JDK keystore passwd)

[steromano87]

I had the same issue and opened this ticket to support the insecure flag (available from version 6.7.0) also on the push goal: https://github.com/kokuwaio/helm-maven-plugin/issues/302