3.2.2. Signing packages

Before you can sign packages, you need to configure your ~/.rpmmacros file to include the following:
%_signature gpg 
%_gpg_name B7085C8A
Replace the _gpg_name key ID value of B7085C8A with the key ID from your GPG keyring that you use to sign packages. This value tells RPM which signature to use.
To sign the package package-name-1.0-1.noarch.rpm, use the following command:
rpm --resign package-name-1.0-1.noarch.rpm
Enter your passphrase. To make sure the package is signed, use the following command:
rpm --checksig -v package-name-1.0-1.noarch.rpm
You should see the phrase Good signature from "Your Name" in the output, with Your Name replaced with the name associated with the signing key.