...
By default Maven will sign the build artifacts with GPG, and assumes you have your system configured according to Sonatype's Blog entry "How to Generate PGP Signatures with Maven". One of the following should be used each time Maven is used to build the project.
- Skip the phase by passing
-Dgpg.skip=true
to Maven (required for users without GPG installed or configured). - Configure the GPG passphrase by passing
-Dgpg.passphrase=passphrase
to Maven (or simply-Dgpg.passphrase
if your private key does not require a passphrase). - Run the Maven build without specifying one of the above, in which case signing will be enabled and Maven will ask you to enter the passphrase during the signing phase.
...