The march of standards continues unabated. Legacy TLS protocols 1.0
and 1.1 have varying weaknesses that could lead to a false sense of
In June, in an effort to raise security and comply with modern
standards, the insecure TLS 1.0 & 1.1 protocols will no longer be
supported for SSL connections to Central. This should only affect
users of Java 6 that are also using https to access central, which by
our metrics is less than .2% of users.
At the same time, this conversion will allow Central to support HTTP/2
with potential performance gains for modern http clients.
The details about why, when and what you need to do are documented at
the link below. As questions come up, we will continue to update this
If there is specific information required for non-maven build systems,
please send it along and we will include that as well.
The same content has been posted as a blog to make it easier to