[Spacewalk-list] Adding GPG keys to the channel
Avi Miller
avi.miller at oracle.com
Tue Apr 18 19:38:15 UTC 2017
Hi,
You need to distribute the GPG key via a configuration channel or another mechanism so that it’s actually sitting in /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql on the target servers. The channel mechanism doesn’t automatically distribute the GPG keys for you.
If you add it to the GPG/SSL Keys page, you can distribute it during provisioning, but that doesn’t help your existing servers. That requires a configuration channel. I use both, i.e. I have all my GPG keys configured for provisioning purposes and I have a configuration channel with them so I can distribute them on demand too.
Hope that makes sense.
Cheers,
Avi
> On 19 Apr 2017, at 4:11 am, Daryl Rose <darylrose at outlook.com> wrote:
>
> I've never added in the GPG keys to the channel when I created the channel, but now I'm trying to do so.
>
> I'm setting up a new channel to work with the MySQL commercial version. Installation fails because the public key for mysql-commercial-server is not installed.
>
> I added RPM-GPG-KEY-mysql to /etc/pki/rpm-gpg and entered into the GPG key URL this path: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql <file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql>
> I'm not a gpg knowledgeable person, but a quick google search gave me the commands (I think) to get the GPG key ID and GPG key Fingerprint.
>
> gpg --quiet --with-fingerprint RPM-GPG-KEY-mysql
> pub 1024D/5072E1F5 2003-02-03 MySQL Release Engineering <mysql-build at oss.oracle.com <mailto:mysql-build at oss.oracle.com>>
> Key fingerprint = A4A9 4068 76FC BD3C 4567 70C8 8C71 8D3B 5072 E1F5
> uid MySQL Package signing key (www.mysql.com <http://www.mysql.com/>) <build at mysql.com <mailto:build at mysql.com>>
> sub 2048g/6D9876B8 2003-02-03 [expires: 2013-09-18]
>
> I believe that 5072E1F5 is the key ID and I know that fingerprint is A4A9 4068 76FC BD3C 4567 70C8 8C71 8D3B 5072 E1F5.
>
> <4-18-2017 11-11-20 AM.jpg>
>
> However, when I try to install mysql-commercial-server.x86_64, I get the following:
>
> Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql <file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql>
>
> GPG key retrieval failed: [Errno 14] curl#37 - "Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql"
>
> Any thoughts on what could be wrong? I think that my entries should work.
>
> Thank you.
>
> Daryl
>
>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com <mailto:Spacewalk-list at redhat.com>
> https://www.redhat.com/mailman/listinfo/spacewalk-list <https://www.redhat.com/mailman/listinfo/spacewalk-list>
--
Oracle <http://www.oracle.com>
Avi Miller | Product Management Director | +61 (3) 8616 3496
Oracle Linux and Virtualization
417 St Kilda Road, Melbourne, Victoria 3004 Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20170419/01fddbcf/attachment.htm>
More information about the Spacewalk-list
mailing list