Skip to content

Discontinued support for TLSv1.1 and below on Publishing servers and search.maven.org⚓︎

Question⚓︎

Which TLS versions are supported by Central Services?

Answer⚓︎

As of September 30th 2021, the Publishing servers and search.maven.org supports TLS 1.2 only. Primary user facing services (repo1.maven.org, repo.maven.apache.org) are already configured in this fashion.

The list of affected Endpoints is below:

You may encounter different errors depending on the client/browser used to query the services above. Some of them could be:

  • ERR_SSL_VERSION_OR_CYPHER_MISMATCH
  • Secure Connection Failed ssl_error_no_cypher_overlap
  • Received fatal alert: protocol_version
  • peer not authenticated

If you encounter any issue similar to these, you need to update your client/browser to one that supports TLS 1.2 to continue using any of the services

Question⚓︎

Why did this happen?

Answer⚓︎

TLS 1.1 or below are inherently insecure and in order to maintain compliance with best practices we are forcing the minimum TLS version to 1.2.

Question⚓︎

I cannot implement the above required changes in my environment -- what are my options?

Answer⚓︎

You won't be able to query or access the mentioned services. There is no workaround.

Question⚓︎

What about support of TLS 1.3?

Answer⚓︎

We are evaluating and waiting for the support being available on all our providers to add future support of TLS 1.3 on our services.

Back to top