Author: Mike Hearn 2014-08-05 15:11:17
Published on: 2014-08-05T15:11:17+00:00
Recently, it was discovered that the default package repository Maven uses was not protected by SSL until a few days ago. While it is now available via SSL, users need to inform Maven about the new URL before running 'mvn'. In the future, Maven will release a new version where SSL is the default setting. For now, users can save the provided settings.xml file to their path ~/.m2/ in order to use SSL. Despite criticism of Maven's use of XML for configuration, these settings are necessary to ensure secure access to the central repository. The settings.xml file includes information on the two repositories, with one being the newly secured 'securecentral' and the other being 'central', which still uses the unsecured URL. Both repositories have a true value for the 'enabled' tag.
Updated on: 2023-06-09T01:51:45.530512+00:00