Hello
I can use a gpg private master key to sign rpm package and 'rpm -K' confirm signature is good; this is of course after doing rpm --import
What I really like to do is to sign with a signing sub key. I managed to sign ok and also rpm --import went ok. But 'rpm -K' does not return OK. I believe that when I did rpm --import rpm might be importing the wrong key. If anyone here has any experience in this matter I would appreciate any hints. I essentially followed the steps found on http://wiki.debian.org/subkeys because I thought the same idea should apply to rpm signing
I have also used the exported secret sub key to sign a non-rpm file and verified using it's public key. (All this is done in two additional separate accounts distinct from where master key was managed)
If you also know a way to search the archives of this list, can you please let me know
I am using centos 6 for gpg and rpm stuff
Sincerely
Z M Wu
_______________________________________________ Rpm-list mailing list Rpm-list@xxxxxxxxxxxxx http://lists.rpm.org/mailman/listinfo/rpm-list
