nexus报Nexus was not configured with an encryption key and is using the Default key

• 创建一个json文件

  data/nexus-key.json

  {
    "active": "my-key",
    "keys": [
      {
        "id": "my-key",
        "key": "some-secret-key"
      }
    ]
  }
  

  把上面的id和key改成自己的

• 修改nexus的docker-compose.yaml配置

    nexus:
      image: sonatype/nexus3
      restart: always
      volumes:
        - ./data/nexus:/nexus-data
        - ./data/nexus-deploy:/opt/sonatype/nexus/deploy
        - ./data/nexus-key.json:/opt/nexus-key.json
      environment:
        - "NEXUS_SECRETS_KEY_FILE=/opt/nexus-key.json"
  

  执行docker compose up -d

• 修改生成的key

  打开System > API > Security Management: Secrets Encryption
  点击Try it out，body中输入以下内容

  {
    "secretKeyId": "my-key"
  }
  

  secretKeyId修改为自己的
  最后点击Execute
  也可以直接调用curl命令

  curl -X 'PUT' \
    'https://<your-instance-url>/service/rest/v1/secrets/encryption/re-encrypt' \
    -H 'accept: application/json' \
    -H 'Content-Type: application/json' \
    -H 'NX-ANTI-CSRF-TOKEN: <any-token>' \
    -H 'X-Nexus-UI: true' \
    -d '{
    "secretKeyId": "string",
    "notifyEmail": "string"
  }'
  

参考：
https://help.sonatype.com/en/re-encryption-in-nexus-repository.html

Views: 0