diff --git a/README.md b/README.md
index 3ffbcc3b..3ce332ff 100644
--- a/README.md
+++ b/README.md
@@ -114,6 +114,7 @@ jobs:
         server-username: MAVEN_USERNAME # env variable for username in deploy
         server-password: MAVEN_CENTRAL_TOKEN # env variable for token in deploy
         gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
+        gpg-passphrase: MAVEN_GPG_PASSPHRASE
 
     - name: Publish to Apache Maven Central
       run: mvn deploy
diff --git a/__tests__/auth.test.ts b/__tests__/auth.test.ts
index 448df00a..09745a6b 100644
--- a/__tests__/auth.test.ts
+++ b/__tests__/auth.test.ts
@@ -167,7 +167,7 @@ describe('auth tests', () => {
             <gpg.passphrase>\${env.${gpgPassphrase}}</gpg.passphrase>
           </properties>
         </profile>
-      <profiles>
+      </profiles>
   </settings>
   `);
   });
diff --git a/dist/index.js b/dist/index.js
index b3fd50c0..22077061 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -2939,7 +2939,7 @@ function generate(id = exports.DEFAULT_ID, username = exports.DEFAULT_USERNAME,
             <gpg.passphrase>\${env.${escapeXML(gpgPassphrase)}}</gpg.passphrase>
           </properties>
         </profile>
-      <profiles>
+      </profiles>
   </settings>
   `;
 }
@@ -4581,6 +4581,8 @@ const path = __importStar(__webpack_require__(622));
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
+            // Set secrets before use
+            core.setSecret('gpg-private-key');
             let version = core.getInput('version');
             if (!version) {
                 version = core.getInput('java-version', { required: true });
diff --git a/src/auth.ts b/src/auth.ts
index 53e058f8..b343f614 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -90,7 +90,7 @@ export function generate(
             <gpg.passphrase>\${env.${escapeXML(gpgPassphrase)}}</gpg.passphrase>
           </properties>
         </profile>
-      <profiles>
+      </profiles>
   </settings>
   `;
 }