1

I have GPG correctly configured and MAVEN also referring the correct KEY. This has always worked. And now some how Maven is always giving the following error: 

gpg: skipped "39619BDF": No secret key
gpg: signing failed: No secret key

(I am not sure if it is not related with the use of the JDK11 rather than JDK 8 )

Maven settings.xml has:

<profile>
      <id>ossrh</id>
      <activation>
        <activeByDefault>true</activeByDefault>
      </activation>
      <properties>
        <gpg.executable>gpg2</gpg.executable>
        <gpg.passphrase>xxxxxxxxx</gpg.passphrase>
        <gpg.keyname>39619BDF</gpg.keyname>
      </properties>
    </profile>
  </profiles>

The command gpg2 --edit-key 39619BDF shows: 

gpg (GnuPG) 2.0.29; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


pub  2048R/39619BDF  created: 2016-01-27  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  2048R/9AE84F82  created: 2016-01-27  expires: never       usage: E
[ultimate] (1). Miguel Gamboa (Miguel Gamboa works at CC.ISEL.IPL.PT) <miguelgamboa@outlook.com>

The only thing that I notice is missing the message Secret key is available as it appears in Maven documentation: https://central.sonatype.org/pages/working-with-pgp-signatures.html#dealing-with-expired-keys

Miguel Gamboa
  • 8,855
  • 7
  • 47
  • 94

1 Answers1

0

I am not realizing the reason behind this problem.

I just generate a new freshly GPG key which now shows the message Secret key is available and I replaced the key in Maven settings.xml and now the build works fine signing the artifacts.

Yet, I don't know why this started to happen.

Miguel Gamboa
  • 8,855
  • 7
  • 47
  • 94