3

I've seen "How to select the GnuPG key that the maven-gpg-plugin uses to sign artifacts?" and many more questions, but I still can't make this maven plugin work.

I've created 2 keys with gpg and now I can see them by doing:

$ gpg --list-secret-keys --keyid-format LONG
-----------------------------
sec   rsa2048/835CAF6D1B0569EB 2017-12-12 [SC]
uid                 [ultimate] User 1 <email1@gmail.com>
ssb   rsa2048/7604C74FE62682EF 2017-12-12 [E]

sec   rsa2048/1330DF9E7C6D864E 2017-12-12 [SC]
uid                 [ultimate] User 2 <email2@gmail.com>
ssb   rsa2048/09982A57EC4B5F18 2017-12-12 [E]

My pom.xml is configured as follows:

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-gpg-plugin</artifactId>
  <version>1.6</version>
  <executions>
    <execution>
      <id>sign-artifacts</id>
      <phase>verify</phase>
      <goals>
        <goal>sign</goal>
      </goals>
      <configuration>
        <keyname>1330DF9E7C6D864E</keyname>
        <passphrase>supersecurepassword</passphrase>
      </configuration>
    </execution>
  </executions>
</plugin>

But when I do "mvn package gpg:sign" it always uses key 835CAF6D1B0569EB. According to https://maven.apache.org/plugins/maven-gpg-plugin/sign-mojo.html, the keyname should be sent to gpg -u/--local-user, but it doesn't seem to work. I've also tried to use "gpgArguments" and "--default-key", and I tried "0x1330DF9E7C6D864E" and "0x1330DF9E7C6D864E!" (which, according to the documentation, should force the key). What's wrong with it?

Thanks

Syco
  • > but when I do "mvn package gpg:sign" it always uses key 835CAF6D1B0569EB < To be sure you're not checking some old files add _clean_ to maven call. Like this: `mvn clean package gpg:sign` – Walery Strauch Apr 01 '20 at 21:23

2 Answers

2

Add gpg prefix.

<gpg.keyname>1330DF9E7C6D864E</gpg.keyname>
<gpg.passphrase>supersecurepassword</gpg.passphrase>

Jakub Pomykała
  • 1
    `gpg` prefix is only necessary if config is passed via properties. If plugin is configured directly then `` is correct (like the code in question). – Walery Strauch Apr 01 '20 at 21:28
1

Did you try using only the last 8 characters (7C6D864E) of the signature key? And also try prepending 0x to it (0x7C6D864E)?

Also, try checking the signature keys

gpg --list-signatures --keyid-format 0xshort

gpg --list-signatures --keyid-format 0xlong

gpg --list-signatures

gpg --list-signatures --keyid-format short

julian-alarcon
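
One way to confirm which key actually produced a signature, independent of the plugin configuration (an added example, not part of the original question or answers): it parses the machine-readable `--status-fd` output of `gpg --verify` and compares it with the configured key ID. The fingerprints and timestamp in the sample are constructed, and the artifact file names in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: decide which key made a signature from `gpg --status-fd` output.
# Real use (file names are hypothetical):
#   gpg --status-fd 1 --verify target/app.jar.asc target/app.jar 2>/dev/null \
#     | signed_by 1330DF9E7C6D864E

# Normalise a key ID: drop a 0x prefix and a trailing "!", uppercase the hex.
normalise_keyid() {
    printf '%s' "$1" | sed -e 's/^0[xX]//' -e 's/!$//' | tr 'a-f' 'A-F'
}

# From the first VALIDSIG status line, print the fingerprint of the key that
# made the signature (field 3) and the last field (primary key fingerprint).
validsig_fingerprints() {
    awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $3; print $NF; exit }'
}

# Reads status lines on stdin. Returns 0 if the expected key signed,
# 1 if a different key signed, 2 if no valid signature was reported.
signed_by() {
    want=$(normalise_keyid "$1")
    [ -n "$want" ] || return 2
    fprs=$(validsig_fingerprints)
    [ -n "$fprs" ] || return 2
    for fpr in $fprs; do
        case "$fpr" in
            *"$want") return 0 ;;   # long key ID is the tail of the fingerprint
        esac
    done
    return 1
}

# Constructed sample: status output for a signature made by the first key.
SAMPLE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 835CAF6D1B0569EB User 1 <email1@gmail.com>
[GNUPG:] VALIDSIG BBBBBBBBBBBBBBBBBBBBBBBB835CAF6D1B0569EB 2017-12-12 1513036800 0 4 0 1 8 00 BBBBBBBBBBBBBBBBBBBBBBBB835CAF6D1B0569EB'

# Demo: the configured key from the question did not make this signature.
printf '%s\n' "$SAMPLE_STATUS" | signed_by '0x1330DF9E7C6D864E!' \
    || echo "signature was not made by the configured key (status $?)"
```

Running this after `mvn clean ...` avoids checking a stale `.asc` file left over from an earlier build.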