On 29 February 2012 00:09, Gilles Sadowski <[email protected]> wrote: >> >> [...] >> >> >> >> > I think that this, indeed, did not test the use of the encrypted >> >> > password >> >> > for login. >> >> >> >> To test the login encryption, I suggest you try deploying a snapshot >> >> release instead (e.g. install from trunk, which should remain a >> >> snapshot). >> > >> > This command >> > >> > $ mvn clean deploy -Prelease -Dgpg.skip >> > >> > worked. A.o. it uploaded this file: >> > https://repository.apache.org/content/repositories/snapshots/org/apache/commons/commons-math3/3.0-SNAPSHOT/commons-math3-3.0-20120228.1019 >> >> OK, so the login password encryption is working. >> >> AIUI one should not use -Prelease with snapshots as they are not releases. >> The release profile is intended for staging of release artifacts, and >> as such includes signing. > > I took the command from this document: > http://wiki.apache.org/commons/UsingNexus > >> >> The next stage is to get the signing key working. >> >> I suggest you revert temporarily to a plain text password, and check >> you can sign locally, e.g. >> >> mvn package gpg:sign -DskipTests >> >> Then try encrypting the password again. > > With > <gpg.passphrase>Pass phrase in clear text</gpg.passphrase> > it works; whereas with > <gpg.passphrase>{dwQBDCzUlr8Hb4JOieNAAhzWzTT0Gnmy5yOayp6W4CpbnGsVQrii/bcwDRjwYx9U}</gpg.passphrase> > it doesn't. >
Just re-checked, and it seems that Maven only supports password encryption for *server* passwords. Sorry, thought Maven supported encryption elsewhere in settings.xml too. > Gilles > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
