Mailinglist Archive: opensuse-support (159 mails)

< Previous Next >
[opensuse-support] Tumbleweed: repository signature verification started failing for private repo
  • From: Robert Munteanu <robert.munteanu@xxxxxxxxx>
  • Date: Fri, 8 Jun 2018 00:20:44 +0300
  • Message-id: <>

For some time I've been using a private repo for various programs I've
repackaged. It's a very simple setup based on createrepo.

Now my TW machine refuses to use this repo, complaining that

File 'repomd.xml' from repository 'lmn_private' is signed with an
unknown key '.....'

I've done the following checks:

1. Downloaded $REPO/repodata/repomd.xml
2. Downloaded $REPO/repodata/repomd.xml.asc
3. Ran gpg --verify repomd.xml.asc repomd.xml

The output matches the key reported by zypper.

4. Verified that the key is known to rpm using rpm -qi gpg-pubkey-...-.....

The body of the key known to RPM and the public key used to sign the
packages are identical.

The verification fails on my TW machine, with


But works on a Leap 42.3 server with


I'm not sure where to go next from here, what else can I try?


To unsubscribe, e-mail: opensuse-support+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-support+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups