Creating Signing keys

Table of Contents

Summary
First Approach
- Export Key to clipboard
Open Tasks / Todos

Summary

For Signing the code artifacts, precondition for uploading to maven-central We need a gpg-signing key

First Approach

Starting with Jose Carvajal excellent introduction: Deploy Your GitHub Project to Maven Central from GitHub actions → Thanks a lot for sharing

Install the GPG tool
Generate a new key-par using 'gpg --generate-key'
gpg --list-keys:

pub   rsa3072 2022-12-04 [SC] [verfällt: 2024-12-03]
      D6A0*****
uid        [ ultimativ ] ****>
sub   rsa3072 2022-12-04 [E] [verfällt: 2024-12-03]

gpg --keyserver keyserver.ubuntu.com --send-keys D6A0* Optional, to speed things up, not strictly necessary:
gpg --keyserver eys.openpgp.org --send-keys D6A0*
gpg --keyserver pgp.mit.edu --send-keys D6A0*

Export Key to clipboard

macOS

gpg --armor --export-secret-key joe@foo.bar | pbcopy

Ubuntu (assuming GNU base64)

gpg --armor --export-secret-key joe@foo.bar -w0 | xclip

Open Tasks / Todos

Minimize the key to a signing key
Create a project instead of a person specific key.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

signing_key.adoc

signing_key.adoc

Creating Signing keys

Summary

First Approach

Export Key to clipboard

macOS

Ubuntu (assuming GNU base64)

Open Tasks / Todos

Files

signing_key.adoc

Latest commit

History

signing_key.adoc

File metadata and controls

Creating Signing keys

Summary

First Approach

Export Key to clipboard

macOS

Ubuntu (assuming GNU base64)

Open Tasks / Todos