Skip to content

Consume Central with Apache Maven⚓︎

Apache Maven retrieves all components from the Central Repository by default. Starting with Maven 3.2.3 the default access is via HTTPS and no further configuration is required.

Up to Maven version 3.2.2, no further configuration is required for access via HTTP, though this is no longer recommended given the availability of the HTTPS transport.

Access via HTTPS can be configured by reconfiguring the built in configuration for the "central" in your settings.xml usually placed in ~/.m2:

<settings>
  <activeProfiles>
    <!--make the profile active all the time -->
    <activeProfile>securecentral</activeProfile>
  </activeProfiles>
  <profiles>
    <profile>
      <id>securecentral</id>
      <!--Override the repository (and pluginRepository) "central" from the
         Maven Super POM -->
      <repositories>
        <repository>
          <id>central</id>
          <url>https://repo1.maven.org/maven2</url>
          <releases>
            <enabled>true</enabled>
          </releases>
        </repository>
      </repositories>
      <pluginRepositories>
        <pluginRepository>
          <id>central</id>
          <url>https://repo1.maven.org/maven2</url>
          <releases>
            <enabled>true</enabled>
          </releases>
        </pluginRepository>
      </pluginRepositories>
    </profile>
  </profiles>
</settings>