[MNGSITE-341] use https for sigs, hashes and KEYS
authorHervé Boutemy <hboutemy@apache.org>
Wed, 29 Aug 2018 12:42:28 +0000 (14:42 +0200)
committerHervé Boutemy <hboutemy@apache.org>
Wed, 29 Aug 2018 12:42:28 +0000 (14:42 +0200)
src/site/xdoc/download.xml.vm

index 3c88adf..1bfd348 100644 (file)
@@ -34,7 +34,7 @@ under the License.
 
       <p>In order to guard against corrupted downloads/installations, it is highly recommended to
       <a href="http://www.apache.org/dev/release-signing#verifying-signature">verify the signature</a>
-      of the release bundles against the public <a href="http://www.apache.org/dist/maven/KEYS">KEYS</a> used by the Apache Maven
+      of the release bundles against the public <a href="https://www.apache.org/dist/maven/KEYS">KEYS</a> used by the Apache Maven
       developers.</p>
 
       <p>${project.name} is distributed under the <a href="http://www.apache.org/licenses/">Apache License, version 2.0</a>.</p>