Which TLS versions are supported by Central?
As of June 15th 2018, Central (repo1.maven.org & repo.maven.apache.org) will be supporting TLS 1.2 only. If you encounter the error message
"Received fatal alert: protocol_version"
or
"Received fatal alert: peer not authenticated"
you have three options for remediation:
We recommended that you upgrade prior to June 15th 2018 to avoid any potential loss of service.
Why is this happening?
TLS 1.1 is inherently insecure and in order to maintain compliance, our provider is removing the last vestiges of support:
By June 30, 2018, all customers, including those on dedicated endpoints, must have converted to TLS-1.2. Due to the PCI Security Standards Council mandate, older TLS implementations will no longer be supported on Fastly infrastructure on shared or dedicated endpoints. There will be no exceptions made after this date.
To read more on this, see the GitHub blog.
Who is affected?
If you are using http to access Central, or Java 8+ with https urls, you are not affected.
If you are on Java 7, it supports TLS 1.2 but it is disabled by default in versions before 1.7.0_131-b31, and the following Apache Maven workaround functions for older Java 7 users:
mvn -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 <goals>
or add the following to your envinroment or build script:
export MAVEN_OPTS=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
If you are on Java 6, you will need to switch back to http or upgrade to a more modern Java version.
Original article source: https://central.sonatype.org/articles/2018/May/04/discontinue-support-for-tlsv11-and-below/
If so inclined, please share this news through your personal social media networks with peers that would find this update useful.