[
https://issues.apache.org/jira/browse/MNG-6560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16739607#comment-16739607
]
Robert Scholte commented on MNG-6560:
-------------------------------------
{quote}And I've pasted it in the settings.xml file of Maven 3.5.4 and Maven
2.2.1.
{quote}
I would suggest to remove it there and put it in the
${user.home}/.m2/settings.xml
Now all Maven versions can benefit from these encrypted settings.
> Error encrypting Maven password when having more than one instance of Maven.
> ----------------------------------------------------------------------------
>
> Key: MNG-6560
> URL: https://issues.apache.org/jira/browse/MNG-6560
> Project: Maven
> Issue Type: Bug
> Components: Settings
> Reporter: chortels
> Priority: Major
>
> Hi,
> I've installed two Maven instances (3.5.4 and 2.2.1) in a production
> environment. For security reasons, we want the passwords of the Nexus server
> where Maven can take or deploy libraries to be encrypted. To achieve that, I
> have used the feature that Maven offers related to Password encryption:
> [https://maven.apache.org/guides/mini/guide-encryption.html]
> These are the steps I have followed:
> With Maven 3.5.4 I've executed
> {code:java}
> mvn --encrypt-master-password <password>
> {code}
> I've pasted the master encrypted password in
> ${user.home}/.m2/settings-security.xml, following the syntax that is
> indicated.
> Then, I've created, with Maven 3.5.4, the server password
> {code:java}
> mvn --encrypt-password <password>
> {code}
> And I've pasted it in the settings.xml file of Maven 3.5.4 and Maven 2.2.1.
> Then, when trying to download artifacts, I've realised that the only version
> that I can use to download libraries from Nexus is 3.5.4, but not 2.2.1. I
> suppose this is because all commands to generate the master and server
> passwords have been executed with Maven 3.5.4 but, given that we must use two
> different versions of Maven, is there any way to generate passwords for these
> two versions so they are able to download or deploy artifacts using only
> encrypted passwords? I've tried to include two master passwords in the
> settings-security.xml file, but it seems that this is not allowed. Do you
> know any solution to achieve this?
>
> Thanks for your attention,
>
> Regards.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
