PKIX path building failed: ... unable to find valid certification path to requested targetSo it was clear that maven was not passing the SSL system properties from my .mavenrc file:
This is what I discovered as I read more the documentation.
As it turns out, since the 2.1 release both "surefire" and "failsafe" maven plugins introduced the "optional" parameter to specify the "jvm" for a given test. I can see why it's a useful idea, but I missed to read the "small" foot print:
Option to specify the jvm (or path to the java executable) to use with the forking options. For the default, the jvm will be a new instance of the same VM as the one used to run Maven. JVM settings are not inherited from MAVEN_OPTS.This means that based on the "forkMode" option, a new VM will (potentially) be started. I tested this by trying the "forkMode=never" configuration. This made my test successfully call the secured web service. As I didn't like that approach, I opted for the plugin configuration approach using the "systemPropertiesVariables" configuration:
Notice that I also added SSL debug flags to see more verbose logging. This configuration ensured that my test was getting the SSL flags needed to enable 2-way SSL and continue operations. This was a small "gotcha" of the "surefire" and "failsafe" plugins. I'm glad they actually documented this feature.