Has there been any update to this issue? We're running to the same problem.
Downloading Packages: warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID bc62d13f: NOKEY Retrieving key from https://cgsldlimgmt04.centric.com/katello/api/repositories/76/gpg_key_content The GPG keys listed for the "Katello_6_Client" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository. On Wednesday, May 18, 2016 at 4:43:20 PM UTC-5, Dylan Baars wrote: > > Hi all, > > I've recently add the katello agent 3.0 repo to my katello 3.0rc4 > instance, synced it and attempting to update packages on some test hosts. > The repo is configured with a GPG key per the one downloaded via: > > https://fedorapeople.org/groups/katello/releases/yum/3.0/client/el7/x86_64/katello-client-repos-latest.rpm > > However, if I try and update a system (having added the new repo to a > content view and published a new version etc) I get > > *Downloading packages:* > *warning: > /var/cache/yum/x86_64/7/NIWA_Katello_Agent_Katello_Agent_3_0_x86_64/packages/python-pulp-agent-lib-2.8.0-1.el7.noarch.rpm: > > Header V4 RSA/SHA1 Signature, key ID 2c7e5d9a: NOKEY* > *Retrieving key from > https://wellkatellodev.niwa.local/katello/api/repositories/247/gpg_key_content > > <https://wellkatellodev.niwa.local/katello/api/repositories/247/gpg_key_content>* > > > *The GPG keys listed for the "Katello Agent 3.0 x86_64" repository are > already installed but they are not correct for this package.* > *Check that the correct key URLs are configured for this repository.* > > > * Failing package is: python-pulp-agent-lib-2.8.0-1.el7.noarch* > * GPG Keys are configured as: > https://wellkatellodev.niwa.local/katello/api/repositories/247/gpg_key_content > > <https://wellkatellodev.niwa.local/katello/api/repositories/247/gpg_key_content>* > > > if I remove the GPG key in the Katello GUI from the product and the repo, > a 'yum update' fails with this message > > *Public key for python-pulp-agent-lib-2.8.0-1.el7.noarch.rpm is not > installed* > > Even though the repo in Katello is configured with no GPG key, gpgcheck is > still set to 1 on the client (/etc/yum.repos.d/redhat.repo) - > > *[NIWA_Katello_Agent_Katello_Agent_3_0_x86_64]* > *metadata_expire = 1* > *sslclientcert = /etc/pki/entitlement/6166028268832642654.pem* > *baseurl = > https://wellkatellodev.niwa.local/pulp/repos/NIWA/Prod-Server/CentOS7_Server/custom/Katello_Agent/Katello_Agent_3_0_x86_64 > > <https://wellkatellodev.niwa.local/pulp/repos/NIWA/Prod-Server/CentOS7_Server/custom/Katello_Agent/Katello_Agent_3_0_x86_64>* > *sslverify = 1* > *name = Katello Agent 3.0 x86_64* > *sslclientkey = /etc/pki/entitlement/6166028268832642654-key.pem* > *enabled = 1* > *sslcacert = /etc/rhsm/ca/katello-server-ca.pem* > *gpgcheck = 1* > > I guess there are two things here: > 1. Why is Katello still setting *gpgcheck = 1* if there is no gpgkey > configured? I was able to find a bug report for RH Satellite 6 ( > https://bugzilla.redhat.com/show_bug.cgi?id=803428) from 2012, but it is > closed as fixed....... > 2. The katello client packages don't seem to be signed? Certainly, the > katello-client-repos-latest.rpm packages "katello-client.repo" has > gpcheck=0 - I wonder why? > > I have opened a bug report for 3.0 for the gpgcheck > http://projects.theforeman.org/issues/15087 but just checking in here as > well if anyone has any ideas what's going on... :-) > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
