[MNG-5679] Maven should fetch jars using https - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

See the article "How to take over the computer of any Java (or Clojure or Scala) developer": http://blog.ontoillogical.com/blog/2014/07/28/how-to-take-over-any-java-developer/

As a result of this article, Sonatype has moved their repository to https and Typesafe has as well. (Typesafe found their GoDaddy cert doesn't work with some version of Java and is aiming to fix this by Aug 24, 2014)

When I download jars from Maven central using Maven, I'm using http. We really should make https the default here

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Java Developer

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 17/Aug/14 17:27

Updated:: 17/Aug/14 17:36

Resolved:: 17/Aug/14 17:36