Red Hat Satellite does not support signing repository metadata.
Issue
STIG compliance guidelines require that repository metadata be signed as well as the packages themselves. Currently, users can not sign the metadata of repositories hosted by Satellite.
This link details STIG compliance:
Rules In DISA STIG for Red Hat Enterprise Linux 7
(The operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of packages without verification of the repository metadata.)
Environment
Red Hat Satellite 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.