FYI,
In my opinion, for obvious security reasons, signing keys should never
be downloaded from mirrors, only directly from build.opensuse.org via
HTTPS.
This request is captured in https://progress.opensuse.org/issues/13178
which has been closed but apparently not actually fixed.
-Archie
On Fri, Mar 3, 2017 at 8:41 AM, Andreas Stieger
Hello,
On 03/03/2017 03:21 PM, Mathias Radtke wrote:
the keys of our repository expired about two weeks ago. https://build.opensuse.org/project/show/home:uibmz:opsi:opsi40
A new key was created. However the new key is not available on all mirrors. Sometimes we and our users get the old expired key from one of the mirrors. is there any way to trigger a sync of the key on the available mirrors?
Create any repo publish event, e.g. by rebuilding a package resulting in a binary diff.
Andreas
-- Andreas Stieger
Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
-- Archie L. Cobbs -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org