Avi,
What you're saying is that I can setup a channel that I would import the the key into, I'm assuming using rhnpush, and then use that channel to push it to the MySQL servers, is that correct? I currently have a channel called "MySQL5" and a child channel called "MySQL 5.7.15". Would I create another child channel called "RPM-GPG-KEY-mysql" so when I install the mysql-commercial-server the key would get installed as well? How would SW know to put it in /etc/pki/rpm-gpg? I did actually add it into the GPG and SSL Keys, but removed it because I didn't know how that would work. How will that work with newly provisioned clients? Will it get distributed to ALL newly registered clients, or just to the ones that I want? Thank you again for your help Avi. Daryl ________________________________ From: [email protected] <[email protected]> on behalf of Avi Miller <[email protected]> Sent: Tuesday, April 18, 2017 2:38 PM To: [email protected] Subject: Re: [Spacewalk-list] Adding GPG keys to the channel Hi, You need to distribute the GPG key via a configuration channel or another mechanism so that it’s actually sitting in /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql on the target servers. The channel mechanism doesn’t automatically distribute the GPG keys for you. If you add it to the GPG/SSL Keys page, you can distribute it during provisioning, but that doesn’t help your existing servers. That requires a configuration channel. I use both, i.e. I have all my GPG keys configured for provisioning purposes and I have a configuration channel with them so I can distribute them on demand too. Hope that makes sense. Cheers, Avi On 19 Apr 2017, at 4:11 am, Daryl Rose <[email protected]<mailto:[email protected]>> wrote: I've never added in the GPG keys to the channel when I created the channel, but now I'm trying to do so. I'm setting up a new channel to work with the MySQL commercial version. Installation fails because the public key for mysql-commercial-server is not installed. I added RPM-GPG-KEY-mysql to /etc/pki/rpm-gpg and entered into the GPG key URL this path: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql I'm not a gpg knowledgeable person, but a quick google search gave me the commands (I think) to get the GPG key ID and GPG key Fingerprint. gpg --quiet --with-fingerprint RPM-GPG-KEY-mysql pub 1024D/5072E1F5 2003-02-03 MySQL Release Engineering <[email protected]<mailto:[email protected]>> Key fingerprint = A4A9 4068 76FC BD3C 4567 70C8 8C71 8D3B 5072 E1F5 uid MySQL Package signing key (www.mysql.com<http://www.mysql.com/>) <[email protected]<mailto:[email protected]>> sub 2048g/6D9876B8 2003-02-03 [expires: 2013-09-18] I believe that 5072E1F5 is the key ID and I know that fingerprint is A4A9 4068 76FC BD3C 4567 70C8 8C71 8D3B 5072 E1F5. <4-18-2017 11-11-20 AM.jpg> However, when I try to install mysql-commercial-server.x86_64, I get the following: Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql GPG key retrieval failed: [Errno 14] curl#37 - "Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql" Any thoughts on what could be wrong? I think that my entries should work. Thank you. Daryl _______________________________________________ Spacewalk-list mailing list [email protected]<mailto:[email protected]> https://www.redhat.com/mailman/listinfo/spacewalk-list -- Oracle <http://www.oracle.com> Avi Miller | Product Management Director | +61 (3) 8616 3496 Oracle Linux and Virtualization 417 St Kilda Road, Melbourne, Victoria 3004 Australia
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
