[Spacewalk-list] GPG key hosted on the spacewalk server via HTTP fails
Thomas Foster
thomas.foster80 at gmail.com
Mon Sep 8 11:46:39 UTC 2014
The path on the client has to also point to the server location where the
key is located..the client will use the fqdn
On Sep 8, 2014 7:18 AM, "Thomas Foster" <thomas.foster80 at gmail.com> wrote:
> You need.to put the key in a location on your satellite server where all
> clients.can connect and see.that file. Then you need.to update you .repo
> file where the package is stored and.set the gpgkey url to that location on
> the server using the /// path
> On Sep 8, 2014 7:01 AM, "Nicolas Michel" <be.nicolas.michel at gmail.com>
> wrote:
>
>> Hi,
>>
>> I'm starting to try spacewalk (21). I configured the epel repository.
>> When trying to install some packages on the client OS configured with the
>> spacewalk repositories, it fails saying it can't find the GPG key:
>> warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID
>> 0608b895: NOKEY
>>
>>
>> Public key for jabberpy-0.5-0.21.el6.noarch.rpm is not installed
>>
>> I found the GPG here :
>> http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6 and copied it on
>> my spacewalk server in /var/www/html/pub. So the URL is
>> https://my_spacewalk_server/pub/RPM-GPG-KEY-EPEL-6 (I can see it with my
>> browser so it is reachable).
>>
>> Then on spacewalk I setup the:
>> - GPG key URL:*https://*my_spacewalk_server*/pub/RPM-GPG-KEY-EPEL-6*
>> - GPG key ID: *0608B895*
>> - GPG key Fingerprint: *8C3B E96A F230 9184 DA5C 0DAE 3B49 DF2A 0608
>> B895*
>>
>> When trying to re-install the package, it still fails.
>>
>> BUT, if I copy the key to the client serveur in
>> /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
>> AND setup the spacewalk channel "GPG key URL" to
>> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
>> THEN it works:
>>
>> warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID
>> 0608b895: NOKEY
>> Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
>> Importing GPG key 0x0608B895:
>> Userid: "EPEL (6) <epel at fedoraproject.org>"
>> From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
>> Is this ok [y/N]: n
>>
>>
>> => why? Can't we import gpg key from HTTP? Will I need to copy the GPG
>> key on each client?
>>
>> --
>> Nicolas MICHEL
>>
>> _______________________________________________
>> Spacewalk-list mailing list
>> Spacewalk-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20140908/cf8ead64/attachment.htm>
More information about the Spacewalk-list
mailing list