Earlier this year we announced that we would be providing an insecure URL to accommodate legacy user agents that cannot comply with our latest security initiative. While it is strongly advised that you make the necessary environmental updates to enable encrypted transfer via HTTPS, we understand that this is not feasible for everyone.


The official insecure URL is http://insecure.repo1.maven.org/. This URL will continue to be supported after the January 2020 TLS only cutover date. If your environment does not support TLS encryption and you'll be using our insecure URL, it is important that you update your builds prior to 1/15/20 to prevent any service disruption.

Follow @sonatype_ops on Twitter for further updates as we approach the January 2020 cutover date.