(In reply to Adrian Schr�ter from comment #17) > An OBS admin could of course copy the key from one project to another one, > but the question is then if you don't break the idea of secure boot kernels. > > If you really want to copy the key, you need to copy on your source server > the _pubkey and _signkey file in /srv/obs/projects/$PROJECT.pkg/ . > Afterwards you need to generate the _sslcert using > > osc signkey --sslcert $project > > or regenerate it if an old one is there using > > osc signkey --extend $project > > However, I think it makes more sense just to disable the secure boot option > as this basically breaks the idea. Thanks Adrian! So the suggestion now is to disable the signing completely. Karl, would this be an option? I guess, the easiest way to achieve this would be to remove: BuildRequires: pesign-obs-integration in the spec file.