Hide Forgot
Description of problem: when creating a custom, SHA1-protected, gpg-signed repo in rhui (which happens to be on rhel6), signature header of version 4 is created what prevents RHEL5 client from installing: yum install -y package ... error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature: BAD, key ID b6963d12 Version-Release number of selected component (if applicable): 2.1.3 How reproducible: Always; happened in test plan.case #6606.110761 Steps to Reproduce: 1. in rhui-manager, create repo such as: ID: r1 Name: r1 Path: r1 Entitlement: r1 GPG Check Yes Custom GPG Keys: '/root/public.key' Red Hat GPG Key: No protection: SHA1 2. upload custom content e.g. package.rpm 3. create client entitlement keys for the repo r1 and a client configuration rpm 4. install the configuration rpm on an RHEL5 client 5. yum install -y package.rpm Actual results: Error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature: BAD, key ID XXXXXXX Expected results: Yum install works for the repo on rhel5 client Additional info: searching the internet, guys suggest using command switch gpg --force-v3-sigs when signing rpms; see the bz url field
Created attachment 836374 [details] screen log installing the custom signed package on a rhel 5 client QE test case issue; the custom package we use in the automation is signed with v4 header already
closing based on Comment #1