Apache Maven 3.0.4 (with Apache Maven Wagon 2.1) has introduced a non-secure
SSL mode by default. This mode disables all SSL certificate checking,
including: host name verification , date validity, and certificate
chain. Not validating the certificate introduces the possibility of a
All users are recommended to upgrade to Apache Maven 3.0.5 and Apache
Maven Wagon 2.4.
This issue was identified by Graham Leggett