github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 08:36:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

updated proxy configuration information

Browse Source
This commit is contained in:
Jeremy Long
2016-06-15 06:50:45 -04:00
parent 6be161a546
commit 8324287bd6
4 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dependency-check-ant/src/site/markdown/configuration.md
View File

@@ -38,7 +38,7 @@ projectName | The name of the project being scanned.
reportFormat | The report format to be generated (HTML, XML, VULN, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
reportOutputDirectory | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build | 'target'
suppressionFile | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html) |  
proxyServer | The Proxy Server. |  
proxyServer | The Proxy Server; see the [proxy configuration](../data/proxy.html) page for more information. |  
proxyPort | The Proxy Port. |  
proxyUsername | Defines the proxy user name. |  
proxyPassword | Defines the proxy password. |  

3
dependency-check-maven/src/site/markdown/configuration.md
View File

@@ -79,7 +79,8 @@ metaFileName | Sets the name of the file to use for storing the metadata
Proxy Configuration
====================
Use [Maven's settings](https://maven.apache.org/settings.html#Proxies) to configure a proxy server. If multiple proxies
Use [Maven's settings](https://maven.apache.org/settings.html#Proxies) to configure a proxy server. Please see the
dependency-check [proxy configuration](../data/proxy.html) page for additional problem solving techniques. If multiple proxies
are configured in the Maven settings file you must tell dependency-check which proxy to use with the following property:
Property | Description | Default Value

22
src/site/markdown/data/proxy.md
View File

@@ -9,3 +9,25 @@ to use a proxy to connect to the Internet. See the configuration settings for ea
Note, it may also be possible to use the core [Java proxy](https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html)
system properties instead of the configuration above.
Certificate Errors
------------------
In some cases if you setup a proxy the connection may still fail due to certificate
errors (see the log file from dependency-check). If you know which cert it's failing
on (either your proxy or NVD/CVE) you can either add the certificate itself or the
signing chain to your trust store. If you don't have access to modify the system
trust store (in $JAVA_HOME/lib/security/cacerts) you can copy it elsewhere and
import it using keytool, then specify that trust store on the command line
(`mvn -Djavax.net.ssl.trustStore=/path/to/cacerts`) or if you need to always
have that set, you can set the environment variable `JAVA_TOOL_OPTIONS` to have
`-Djavax.net.ssl.trustStore=/path/to/cacerts`.
Still failing?
--------------
In some cases the proxy is configured to block `HEAD` requests. While an attempt
is made by dependency-check to identify this situation it does not appear to be
100% successful. As such, the last thing to try is to add the property
`mvn -Ddownloader.quick.query.timestamp=false`.
If trying the above and it still fails please open a ticket in the
[github repo](https://github.com/jeremylong/DependencyCheck/issues).

2
src/site/markdown/dependency-check-gradle/configuration.md
View File

@@ -34,7 +34,7 @@ dependencyCheck {
Property | Description | Default Value
------------------|------------------------------------|------------------
server | The proxy server. |  
server | The proxy server; see the [proxy configuration](../data/proxy.html) page for more information. |  
port | The proxy port. |  
username | Defines the proxy user name. |  
password | Defines the proxy password. |