Description of problem: In par. 4.2.1 it says to use key type 2 (DSA and Elgamal) for the key. This results in a unverifyable V4 signature: error: skipping package rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm with unverifiable V4 signature Using key type 1 (RSA and RSA) gives a better result: [root@node1 ~]# rpm --checksig -v rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID 6dc06f30: OK Header SHA1 digest: OK (0568898722e26e5df2c25fe239b72ac98667a66d) V4 RSA/SHA1 Signature, key ID 6dc06f30: OK MD5 digest: OK (05ef84979d583bd5c7b81e8dede72433) Version-Release number of selected component (if applicable): RHEL 6.5 x68_64 How reproducible: See steps v Steps to Reproduce: 1. Follow par 4.2.1 and 4.2.2 to the letter on a RHEL 6.5 box 2. 3. Actual results: error: skipping package rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm with unverifiable V4 signature Expected results: rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID 6dc06f30: OK Header SHA1 digest: OK (0568898722e26e5df2c25fe239b72ac98667a66d) V4 RSA/SHA1 Signature, key ID 6dc06f30: OK MD5 digest: OK (05ef84979d583bd5c7b81e8dede72433) Additional info: See http://localsteve.wordpress.com/2013/02/06/signing-rpms-cause-unverifiable-v4-signatures-and-extreme-frustration/
This is now live on the portal: https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/5.7/html/Getting_Started_Guide/sect-Digital_Signatures_for_Red_Hat_Network_Packages.html#Generating_a_GnuPG_Keypair Closing this bug.