New gnupg tool does not create secring.gpg file and thus signing does not work

I feel I missed something obvious, but I can’t google for anything useful, so please guys, help me out here :wink: The tutorial at states that you should reference your secring.gpg file to sign your jars. However, this file is deprecated and no longer created by the gnupg tool. I am unable to create that file.

I have created a bug report at, but I fear that project is not managed actively.

Is there any way to force gnupg to create that secring.gpg file? Thank you!