Ah, ok. Thanks. It's becoming clearer now. Did I miss something, or is it that I'm just not aware enough of how these systems work...
Hmmm. cheers L. ------ The most dangerous phrase in the language is, "We've always done it this way." - Grace Hopper On 5 April 2016 at 08:57, Avi Miller <[email protected]> wrote: > Hi, > > On 5 Apr 2016, at 8:41 AM, Lachlan Musicman <[email protected]> wrote: > > We have an SSL cert on that page - is that not enough? Do I need a > separate gpg key? I would presume the cert was sufficient - at no point in > the documentation did I see an explicit instruction to make one of each? > > > That is not sufficient. That is the CA certificate for your Spacewalk > instance. It's not the GPG key for the CentOS RPMs. You need to create a > GPG key with the content from CentOS and deploy it during kickstart, so > that yum has a valid GPG key against which to test the signature of the > RPMs. > > So, you'd need to get a copy of the CentOS GPG key (usually found in > /etc/pki/rpm-gpg on an already installed machine) and create a GPG key with > the content of that key. You would then need to update your Kickstart > Profile to deploy that GPG key during install, so that packages can be > installed during the post-install phase, i.e. after registration with > Spacewalk and post the Anaconda process. > > Hope that helps, > Avi > > -- > Oracle <http://www.oracle.com> > Avi Miller | Product Management Director | +61 (3) 8616 3496 > Oracle Linux and Virtualization > 417 St Kilda Road, Melbourne, Victoria 3004 Australia > > > _______________________________________________ > Spacewalk-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/spacewalk-list >
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
