You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@maven.apache.org by Pino Silvaggio <pi...@gmail.com> on 2012/04/10 20:59:24 UTC

Signing a thirdparty artifact and deploying it ???

Lets say I need to codesign an artifact (getdown.jar) with our company 
certificate.

I have named it getdown-1.2.3-signed-xo.jar where I plan to deploy it 
with classifier "signed-xo".

I also plan to deploy it to a different repository, not our thridparty 
repo but our release repository... I am not sure of this part...

Question, what is the best practice here?

I mean getdown is available from central but I still need a signed 
artifact...

Help is appreciated.

-

p