使用maven的gpg没有默认密钥错误
gpg no default secret key error using maven
我正在尝试在中央存储库中发布我的 Maven 项目,我需要签署我的工件。我已经下载并安装了 gpg 并创建了我的密钥环。当我在 Eclipse 中 运行 a "maven clean deploy" 时,出现以下错误:
gpg: no default secret key: No secret key
gpg: signing failed: No secret key
我在网上搜索过,但我不知道该怎么做。我的 pom.xml 文件中关于 gpg 的唯一参考是
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
谢谢!
您无法签署工件,因为您没有 GPG 密钥。解决方法是create one.
很久以前就有人问过这个问题,我不记得我做了什么来解决它。我确实记得我的 settings.xml 文件中有一个拼写错误。这是我在文件中更改的内容:
<profile>
<id>sign</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.passphrase>password</gpg.passphrase>
</properties>
</profile>
现在可以使用了。
我刚遇到同样的错误信息。在我的例子中,它是由密钥过期引起的,因为这个命令显示:
six-58:tmp hot$ gpg --list-keys
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
/Users/hot/.gnupg/pubring.gpg
-----------------------------
pub 2048R/236D3BEF 2016-12-30 [expired: 2018-12-30]
uid Holger Thurow <...@gmail.com>
注意“[过期时间:2018-12-30]”。
这是我解决问题的方法:
six-58:tmp hot$ gpg --edit-key 236D3BEF
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
pub 2048R/236D3BEF created: 2016-12-30 expired: 2018-12-30 usage: SC
trust: ultimate validity: expired
sub 2048R/450709B5 created: 2016-12-30 expired: 2018-12-30 usage: E
[ expired] (1). Holger Thurow <...@gmail.com>
gpg> 1
pub 2048R/236D3BEF created: 2016-12-30 expired: 2018-12-30 usage: SC
trust: ultimate validity: expired
sub 2048R/450709B5 created: 2016-12-30 expired: 2018-12-30 usage: E
[ expired] (1)* Holger Thurow <...@gmail.com>
gpg> expire
Changing expiration time for the primary key.
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
You need a passphrase to unlock the secret key for
user: "Holger Thurow <...@gmail.com>"
2048-bit RSA key, ID 236D3BEF, created 2016-12-30
pub 2048R/236D3BEF created: 2016-12-30 expires: never usage: SC
trust: ultimate validity: ultimate
sub 2048R/450709B5 created: 2016-12-30 expired: 2018-12-30 usage: E
[ultimate] (1)* Holger Thurow <...@gmail.com>
gpg> save
详见"Dealing with Expired Keys"描述here。
注意:Eclipse 4.23(2022 年第一季度)现在将允许:
Manage trusted PGP keys
The Install/Update > Trust preference page allows to add or remove PGP public keys that are trusted by default during installation process.
Artifacts signed with a secret key matching one of the trusted public PGP key will install without prompting the Trust dialog.
当 运行 来自 Eclipse 时,这可以帮助 maven。
我通过将执行 IntelliJ IDEA maven 配置替换为在 git-bash 中执行它来解决这个问题。
我正在尝试在中央存储库中发布我的 Maven 项目,我需要签署我的工件。我已经下载并安装了 gpg 并创建了我的密钥环。当我在 Eclipse 中 运行 a "maven clean deploy" 时,出现以下错误:
gpg: no default secret key: No secret key
gpg: signing failed: No secret key
我在网上搜索过,但我不知道该怎么做。我的 pom.xml 文件中关于 gpg 的唯一参考是
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
谢谢!
您无法签署工件,因为您没有 GPG 密钥。解决方法是create one.
很久以前就有人问过这个问题,我不记得我做了什么来解决它。我确实记得我的 settings.xml 文件中有一个拼写错误。这是我在文件中更改的内容:
<profile>
<id>sign</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.passphrase>password</gpg.passphrase>
</properties>
</profile>
现在可以使用了。
我刚遇到同样的错误信息。在我的例子中,它是由密钥过期引起的,因为这个命令显示:
six-58:tmp hot$ gpg --list-keys
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
/Users/hot/.gnupg/pubring.gpg
-----------------------------
pub 2048R/236D3BEF 2016-12-30 [expired: 2018-12-30]
uid Holger Thurow <...@gmail.com>
注意“[过期时间:2018-12-30]”。
这是我解决问题的方法:
six-58:tmp hot$ gpg --edit-key 236D3BEF
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
pub 2048R/236D3BEF created: 2016-12-30 expired: 2018-12-30 usage: SC
trust: ultimate validity: expired
sub 2048R/450709B5 created: 2016-12-30 expired: 2018-12-30 usage: E
[ expired] (1). Holger Thurow <...@gmail.com>
gpg> 1
pub 2048R/236D3BEF created: 2016-12-30 expired: 2018-12-30 usage: SC
trust: ultimate validity: expired
sub 2048R/450709B5 created: 2016-12-30 expired: 2018-12-30 usage: E
[ expired] (1)* Holger Thurow <...@gmail.com>
gpg> expire
Changing expiration time for the primary key.
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
You need a passphrase to unlock the secret key for
user: "Holger Thurow <...@gmail.com>"
2048-bit RSA key, ID 236D3BEF, created 2016-12-30
pub 2048R/236D3BEF created: 2016-12-30 expires: never usage: SC
trust: ultimate validity: ultimate
sub 2048R/450709B5 created: 2016-12-30 expired: 2018-12-30 usage: E
[ultimate] (1)* Holger Thurow <...@gmail.com>
gpg> save
详见"Dealing with Expired Keys"描述here。
注意:Eclipse 4.23(2022 年第一季度)现在将允许:
Manage trusted PGP keys
The
Install/Update > Trustpreference page allows to add or remove PGP public keys that are trusted by default during installation process.Artifacts signed with a secret key matching one of the trusted public PGP key will install without prompting the Trust dialog.
当 运行 来自 Eclipse 时,这可以帮助 maven。
我通过将执行 IntelliJ IDEA maven 配置替换为在 git-bash 中执行它来解决这个问题。