Maven dependencies are failing with a 501 error

java maven jenkins maven-central
Arunan Sugunakumar picture Arunan Sugunakumar · Jan 16, 2020 · Viewed 100.9k times · Source

Recently Maven build jobs running in Jenkins are failing with the below exception saying that they couldn't pull dependencies from Maven Central and should use HTTPS. I'm not sure how to change the requests from HTTP to HTTPS. Could someone guide me on this matter?

[ERROR] Unresolveable build extension:
Plugin org.apache.maven.wagon:wagon-ssh:2.1 or one of its dependencies could not be resolved:
Failed to collect dependencies for org.apache.maven.wagon:wagon-ssh:jar:2.1 ():
Failed to read artifact descriptor for org.apache.maven.wagon:wagon-ssh:jar:2.1:
Could not transfer artifact org.apache.maven.wagon:wagon-ssh:pom:2.1 from/to central (http://repo.maven.apache.org/maven2):
Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom.
Return code is: 501, ReasonPhrase:HTTPS Required. -> [Help 2]

Waiting for Jenkins to finish collecting data[ERROR]
Plugin org.apache.maven.plugins:maven-clean-plugin:2.4.1 or one of its dependencies could not be resolved:
Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.4.1:
Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.4.1 from/to central (http://repo.maven.apache.org/maven2):
Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.4.1/maven-clean-plugin-2.4.1.pom.
Return code is: 501 , ReasonPhrase:HTTPS Required. -> [Help 1]

Answer

farasath picture farasath · Jan 16, 2020

The reason for the observed error is explained in Central 501 HTTPS Required

Effective January 15, 2020, The Central Repository no longer supports insecure communication over plain HTTP and requires that all requests to the repository are encrypted over HTTPS.

It looks like latest versions of Maven (tried with 3.6.0, 3.6.1) are already using the HTTPS URL by default.

Here are the dates when the major repositories will switch:

Your Java builds might break starting January 13th (if you haven't yet switched repo access to HTTPS)

Update: Seems like from maven 3.2.3 maven central is accessed via HTTPS See https://stackoverflow.com/a/25411658/5820670

Maven Change log (http://maven.apache.org/docs/3.2.3/release-notes.html)

Related questions

Maven build gets connection reset when downloading artifacts

We have a maven build that runs in jenkins in amazon ec2 instances. The total build takes 20-30min and roughly every other run it fails because it cant download artifacts from maven central. This is the failing part of …

Read More
Sonarqube: Missing blame information for the following files

I am getting the warning Missing blame information for the following files during analysis by SonarQube. [INFO] [22:19:57.714] Sensor SCM Sensor [INFO] [22:19:57.715] SCM provider for this project is: git [INFO] [22:19:57.715] 48 files to be analyzed [INFO] [22:19:58.448] 0/48 files analyzed [WARN] [22:19:58.448] Missing blame information …

Read More
Jenkins auto deploy tomcat 7

We're trying to deploy a war file with Jenkins, but nothing seems to happen. The project is built successfully, and we're using Jenkins deploy plugin. It is configured with the following options: Post steps are set to "run regardless of …

Read More