Show Table of Contents
4.2.2. Signing packages
Before signing packages, configure the
~/.rpmmacros file to include the following:
%_signature gpg %_gpg_name B7085C8A
Replace the
_gpg_name key ID value of B7085C8A with the key ID from your GPG keyring that you use to sign packages. This value tells RPM which signature to use.
To sign the package package-name-1.0-1.noarch.rpm, use the following command:
rpm --resign package-name-1.0-1.noarch.rpm
Enter your passphrase. To make sure the package is signed, use the following command:
rpm --checksig -v package-name-1.0-1.noarch.rpm
Note
Before running the
rpm --checksig -v command, import the gpg key. See Section 4.3, “Importing Custom GPG Keys” in the next section for more information.
You should see the phrase Good signature from "Your Name" in the output, with Your Name replaced with the name associated with the signing key.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.