Keeping with our desire to protect the entire Central Repository ecosystem, SSL connectivity to the Central Repository from JFrog Artifactory or Apache Archiva is now available.
We’re using SSL because it is the standard mechanism for protecting web traffic – across the spectrum of Ecommerce, banking, health care, and so on. Providing SSL support for Central means that your components are no longer susceptible to man-in-the-middle attacks that could compromise the component. SSL also eliminates the potential for a hacker to gain visibility into your organization by tracking the components that you download for your development initiatives.
Given the tremendous growth of Central, and to better protect applications that are now largely built from OSS components, we’re making SSL connectivity to Central available to anyone regardless of their repository manager. SSL is now the default connectivity option for Nexus Pro users. SSL is available for other repository managers, such as Nexus OSS & Artifactory or Archiva, for a $10 donation that will be used to support open source foundations such as Apache and Eclipse.
After you register and make the $10 donation, a token will be provided that your organization can use to secure access to Central.
If you are an Artifactory, Archiva or Nexus OSS user, you can get SSL access here.
Archiva 1.4+ is required.
Artifactory 2.6.5 is required.
If you are an existing Nexus Pro customer, you can download the latest release from the support page.
