Bumping this again. Cutover is next week. On Mon, May 21, 2018 at 2:22 PM, Brian Fox <bri...@infinity.nu> wrote:
> The march of standards continues unabated. Legacy TLS protocols 1.0 > and 1.1 have varying weaknesses that could lead to a false sense of > security. > > In June, in an effort to raise security and comply with modern > standards, the insecure TLS 1.0 & 1.1 protocols will no longer be > supported for SSL connections to Central. This should only affect > users of Java 6 that are also using https to access central, which by > our metrics is less than .2% of users. > > At the same time, this conversion will allow Central to support HTTP/2 > with potential performance gains for modern http clients. > > The details about why, when and what you need to do are documented at > the link below. As questions come up, we will continue to update this > faq. > > If there is specific information required for non-maven build systems, > please send it along and we will include that as well. > > https://central.sonatype.org/articles/2018/May/04/discontinue-support-for- > tlsv11-and-below/ > > I've posted the same content as a blog to make it easier to > disseminate here: > https://blog.sonatype.com/enhancing-ssl-security-and- > http/2-support-for-central >