[Spacewalk-list] Adding GPG keys to the channel

Avi Miller avi.miller at oracle.com
Tue Apr 18 19:38:15 UTC 2017


Hi,

You need to distribute the GPG key via a configuration channel or another mechanism so that it’s actually sitting in /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql on the target servers. The channel mechanism doesn’t automatically distribute the GPG keys for you.

If you add it to the GPG/SSL Keys page, you can distribute it during provisioning, but that doesn’t help your existing servers. That requires a configuration channel. I use both, i.e. I have all my GPG keys configured for provisioning purposes and I have a configuration channel with them so I can distribute them on demand too.

Hope that makes sense.

Cheers,
Avi

> On 19 Apr 2017, at 4:11 am, Daryl Rose <darylrose at outlook.com> wrote:
> 
> I've never added in the GPG keys to the channel when I created the channel, but now I'm trying to do so.
> 
> I'm setting up a new channel to work with the MySQL commercial version.  Installation fails because the public key for mysql-commercial-server is not installed.
> 
> I added RPM-GPG-KEY-mysql to /etc/pki/rpm-gpg and entered into the GPG key URL this path: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql <file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql>
> I'm not a gpg knowledgeable person, but a quick google search gave me the commands (I think) to get the GPG key ID and GPG key Fingerprint.
> 
> gpg --quiet --with-fingerprint RPM-GPG-KEY-mysql
> pub  1024D/5072E1F5 2003-02-03 MySQL Release Engineering <mysql-build at oss.oracle.com <mailto:mysql-build at oss.oracle.com>>
>       Key fingerprint = A4A9 4068 76FC BD3C 4567  70C8 8C71 8D3B 5072 E1F5
> uid                            MySQL Package signing key (www.mysql.com <http://www.mysql.com/>) <build at mysql.com <mailto:build at mysql.com>>
> sub  2048g/6D9876B8 2003-02-03 [expires: 2013-09-18]
> 
> I believe that 5072E1F5 is the key ID and I know that fingerprint is A4A9 4068 76FC BD3C 4567  70C8 8C71 8D3B 5072 E1F5.
> 
> <4-18-2017 11-11-20 AM.jpg>
> 
> However, when I try to install mysql-commercial-server.x86_64, I get the following:
> 
> Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql <file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql>
> 
> GPG key retrieval failed: [Errno 14] curl#37 - "Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql"
> 
> Any thoughts on what could be wrong?  I think that my entries should work.  
> 
> Thank you.
> 
> Daryl
> 
> 
> 
> 
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com <mailto:Spacewalk-list at redhat.com>
> https://www.redhat.com/mailman/listinfo/spacewalk-list <https://www.redhat.com/mailman/listinfo/spacewalk-list>
--
Oracle <http://www.oracle.com>
Avi Miller | Product Management Director | +61 (3) 8616 3496
Oracle Linux and Virtualization
417 St Kilda Road, Melbourne, Victoria 3004 Australia

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20170419/01fddbcf/attachment.htm>


More information about the Spacewalk-list mailing list