You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Robert Scholte (Jira)" <ji...@apache.org> on 2019/10/25 19:40:00 UTC

[jira] [Updated] (MGPG-58) Encrypted Passphrase in settings.xml fails

     [ https://issues.apache.org/jira/browse/MGPG-58?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Scholte updated MGPG-58:
-------------------------------
    Description: 
I have my Maven build set up to automatically sign my artifacts and have everything working perfectly when the settings.xml profile entry has the clear text passphrase.

If I use mvn --encrypt-password to generate an encrypted version of the passphrase and substitute it for my clear-text passphrase, the gpg plugin fails with:

gpg: no default secret key: Bad passphrase
gpg: signing failed: Bad passphrase

My profile looks like this:
{code:xml}
  <profiles>
    <profile>
      <id>ossrh</id>
      <activation>
        <activeByDefault>true</activeByDefault>
      </activation>
      <properties>
        <gpg.executable>gpg</gpg.executable>
        <gpg.passphrase>{rDYNQ7KHyZYHJogTS2ppwiLCu+ZJjJ4uEhsG8tLsadw=}</gpg.passphrase>
      </properties>
    </profile>
  </profiles>
{code}
Replacing the encrypted passphrase with the clear text one makes the build work again...

  was:
I have my Maven build set up to automatically sign my artifacts and have everything working perfectly when the settings.xml profile entry has the clear text passphrase.

If I use mvn --encrypt-password to generate an encrypted version of the passphrase and substitute it for my clear-text passphrase, the gpg plugin fails with:

gpg: no default secret key: Bad passphrase
gpg: signing failed: Bad passphrase

My profile looks like this:

  <profiles>
    <profile>
      <id>ossrh</id>
      <activation>
        <activeByDefault>true</activeByDefault>
      </activation>
      <properties>
        <gpg.executable>gpg</gpg.executable>
        <gpg.passphrase>{rDYNQ7KHyZYHJogTS2ppwiLCu+ZJjJ4uEhsG8tLsadw=}</gpg.passphrase>
      </properties>
    </profile>
  </profiles>

Replacing the encrypted passphrase with the clear text one makes the build work again...


> Encrypted Passphrase in settings.xml fails 
> -------------------------------------------
>
>                 Key: MGPG-58
>                 URL: https://issues.apache.org/jira/browse/MGPG-58
>             Project: Maven GPG Plugin
>          Issue Type: Bug
>    Affects Versions: 1.6
>            Reporter: Robert Patrick
>            Priority: Major
>
> I have my Maven build set up to automatically sign my artifacts and have everything working perfectly when the settings.xml profile entry has the clear text passphrase.
> If I use mvn --encrypt-password to generate an encrypted version of the passphrase and substitute it for my clear-text passphrase, the gpg plugin fails with:
> gpg: no default secret key: Bad passphrase
> gpg: signing failed: Bad passphrase
> My profile looks like this:
> {code:xml}
>   <profiles>
>     <profile>
>       <id>ossrh</id>
>       <activation>
>         <activeByDefault>true</activeByDefault>
>       </activation>
>       <properties>
>         <gpg.executable>gpg</gpg.executable>
>         <gpg.passphrase>{rDYNQ7KHyZYHJogTS2ppwiLCu+ZJjJ4uEhsG8tLsadw=}</gpg.passphrase>
>       </properties>
>     </profile>
>   </profiles>
> {code}
> Replacing the encrypted passphrase with the clear text one makes the build work again...



--
This message was sent by Atlassian Jira
(v8.3.4#803005)