geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <>
Subject Does maven provide any support for re-signing artifacts with longer keys?
Date Sat, 28 Nov 2009 22:45:55 GMT
Apache has recently requested that all apache releases be signed with  
4096 bit keys and SHA512, see

I've released some artifacts using maven signed with an older 1024 bit  
key and most likely SHA1.

Is there any maven support for re-signing these older artifacts with a  
new longer key?  If not, does anyone have any advice for a non-maven  
way to do it?

david jencks

View raw message