The artifact repository I use as my primary mirror just switched over from HTTP to HTTPS. I had to add a truststore with the CA that issued the server certificate, as well as a keystore containing my client certificate, as per this guide.
In this question, a commenter mentions giving Maven access to the OSX keyring, but didn't know what to do in Linux. Has there been any movement on this in the last year+?
As far as I can tell, the "state of the art" is still to put your personal cert in a keystore, then put the keystore password in plain text in your .bashrc, which seems just plain wrong. Are there just not enough client-cert users to care?