Merge branch '212590-lc-maven-docs' into 'master'

Document TLS verification with private Maven repo See merge request gitlab-org/gitlab!29195

Merge branch '212590-lc-maven-docs' into 'master'
Document TLS verification with private Maven repo See merge request gitlab-org/gitlab!29195
b7bbe7e9 · Nick Gaskill · 58b17cee · b0666bf4 · b7bbe7e9 · b7bbe7e9
Commit b7bbe7e9 authored Apr 09, 2020 by Nick Gaskill
2 changed files
--- a/doc/user/application_security/offline_deployments/index.md
+++ b/doc/user/application_security/offline_deployments/index.md
@@ -78,3 +78,4 @@ above. You can find more information at each of the pages below:
 - [Container scanning offline directions](../container_scanning/index.md#running-container-scanning-in-an-offline-environment)
 - [SAST offline directions](../sast/index.md#gitlab-sast-in-an-offline-environment)
 - [DAST offline directions](../dast/index.md#running-dast-in-an-offline-environment)
+- [License Compliance offline directions](../../compliance/license_compliance/index.md#running-license-compliance-in-an-offline-environment)
--- a/doc/user/compliance/license_compliance/index.md
+++ b/doc/user/compliance/license_compliance/index.md
@@ -198,6 +198,22 @@ you can use the `MAVEN_CLI_OPTS` environment variable.

 Read more on [how to use private Maven repos](../../application_security/index.md#using-private-maven-repos).

+You can also use `MAVEN_CLI_OPTS` to connect to a trusted Maven repository that uses a self-signed
+or internally trusted certificate. For example:
+
+```yaml
+include:
+  - template: License-Scanning.gitlab-ci.yml
+
+license_scanning:
+  variables:
+    MAVEN_CLI_OPTS: -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true -Dmaven.wagon.http.ssl.insecure=true
+```
+
+Alternatively, you can use a Java key store to verify the TLS connection. For instructions on how to
+generate a key store file, see the
+[Maven Guide to Remote repository access through authenticated HTTPS](http://maven.apache.org/guides/mini/guide-repository-ssl.html).
+
 ### Selecting the version of Python

 > - [Introduced](https://gitlab.com/gitlab-org/security-products/license-management/-/merge_requests/36) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
@@ -305,6 +321,9 @@ process:
 1. Ensure the package registry is reachable from within the GitLab environment and that the package
   manager is configured to use your preferred package registry.

+Additional [configuration](#using-private-maven-repos) may be needed for connecting to private Maven
+repositories.
+
 ## Project policies for License Compliance

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/5940) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.4.