Maven dependencies are failing with a 501 error

The reason for the observed error is explained in Central 501 HTTPS Required

Effective January 15, 2020, The Central Repository no longer supports insecure communication over plain HTTP and requires that all requests to the repository are encrypted over HTTPS.

It looks like latest versions of Maven (tried with 3.6.0, 3.6.1) are already using the HTTPS URL by default.

Here are the dates when the major repositories will switch:

Your Java builds might break starting January 13th (if you haven't yet switched repo access to HTTPS)

Update: Seems like from maven 3.2.3 maven central is accessed via HTTPS See https://stackoverflow.com/a/25411658/5820670

Maven Change log (http://maven.apache.org/docs/3.2.3/release-notes.html)


Effective January 15, 2020, The Central Repository no longer supports insecure communication over plain HTTP and requires that all requests to the repository are encrypted over HTTPS.

If you're receiving this error, then you need to replace all URL references to Maven Central with their canonical HTTPS counterparts.

(source)

We have made the following changes in my project's build.gradle:

Old:

repositories {
   maven { url "http://repo.maven.apache.org/maven2" }
}

New:

repositories {
   maven { url "https://repo.maven.apache.org/maven2" }
}

I am facing the same problem. There are two solutions that I tried, and both works fine for me.

  • Update the Maven version repository (Maven version >= 3.2.3)
  • Restrict the current Maven version to use HTTPS links.

Update the Maven version repository:

Download the Apache Maven binary that includes the default https addresses (Apache Maven 3.6.3 binary). And open the Options dialog window in tools of NetBeans menu bar (Java Maven Dialog View). And select browse option in Maven Home List Box (Maven Home List Box View). After adding the Apache Maven newly downloaded version (Updated Maven Home List Box View), the project builds and runs successfully.

Restrict the current Maven version to use HTTPS links:

Include the following code in pom.xml of your project.

<project>
      ...
    <pluginRepositories>
        <pluginRepository>
            <id>central</id>
            <name>Central Repository</name>
            <url>https://repo.maven.apache.org/maven2</url>
            <layout>default</layout>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
            <releases>
                <updatePolicy>never</updatePolicy>
            </releases>
        </pluginRepository>
    </pluginRepositories>
    <repositories>
        <repository>
            <id>central</id>
            <name>Central Repository</name>
            <url>https://repo.maven.apache.org/maven2</url>
            <layout>default</layout>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </repository>
    </repositories>
</project>

Try to hit the below URL in any browser. It will return 501

http://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom

Please try with https. It will download a pom.xml file:

https://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom

Please add it (https://repo.maven.apache.org/maven2) in the setting.xml file:

<repositories>
   <repository>
      <id>Central Maven repository</id>
      <name>Central Maven repository https</name>
      <url>https://repo.maven.apache.org/maven2</url>
   </repository>
</repositories>