chortels created MNG-6560: ----------------------------- Summary: Error encrypting Maven password when having more than one instance of Maven. Key: MNG-6560 URL: https://issues.apache.org/jira/browse/MNG-6560 Project: Maven Issue Type: Bug Components: Settings Reporter: chortels
Hi, I've installed two Maven instances (3.5.4 and 2.2.1) in a production environment. For security reasons, we want the passwords of the Nexus server where Maven can take or deploy libraries to be encrypted. To achieve that, I have used the feature that Maven offers related to Password encryption: [https://maven.apache.org/guides/mini/guide-encryption.html] These are the steps I have followed: With Maven 3.5.4 I've executed {code:java} mvn --encrypt-master-password <password> {code} I've pasted the master encrypted password in ${user.home}/.m2/settings-security.xml, following the syntax that is indicated. Then, I've created, with Maven 3.5.4, the server password {code:java} mvn --encrypt-password <password> {code} And I've pasted it in the settings.xml file of Maven 3.5.4 and Maven 2.2.1. Then, when trying to download artifacts, I've realised that the only version that I can use to download libraries from Nexus is 3.5.4, but not 2.2.1. I suppose this is because all commands to generate the master and server passwords have been executed with Maven 3.5.4 but, given that we must use two different versions of Maven, is there any way to generate passwords for these two versions so they are able to download or deploy artifacts using only encrypted passwords? I've tried to include two master passwords in the settings-security.xml file, but it seems that this is not allowed. Do you know any solution to achieve this? Thanks for your attention, Regards. -- This message was sent by Atlassian JIRA (v7.6.3#76005)