Kenneth Stailey wrote: % Hi, % % The Spacewalk trac has a section on creating a GPG key here: % % https://fedorahosted.org/spacewalk/wiki/CertCreation % % It says to modify web.gpg_keyring in /etc/rhn/default/rhn_web.conf to point to a different keyring than the default of /etc/webapp-keyring.gpg % % I went to take a look at what is in /etc/webapp-keyring.gpg on a newly-installed Spacewalk server and I see: % % gpg --list-keys --no-default-keyring --keyring /etc/webapp-keyring.gpg % gpg: WARNING: unsafe ownership on configuration file `/home/ksta/.gnupg/gpg.conf' % /etc/webapp-keyring.gpg % ----------------------- % pub 1024D/E9496BD6 2008-06-12 % uid Spacewalk (Certificate Signing Key) <[email protected]> % % pub 1024D/06947932 2004-02-18 [expires: 2014-02-15] % uid Red Hat Network (Satellite Certificate Signing Key) <[email protected]> % sub 2048g/C71F2F5C 2004-02-18 [expires: 2014-02-15] % % If I modify web.gpg_keyring in /etc/rhn/default/rhn_web.conf to point to a different keyring than the default of /etc/webapp-keyring.gpg will it stop using those keys and if so will doing that have any adverse effects?
These key are used only to localy verify certificate via rhn-satellite-activate --disconnected. So it's sane to point it to your keyring when using self signed certificate. Regards, -- Michael Mráka Satellite Engineering, Red Hat _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
