Signing Packages - Red Hat NETWORK 4.0 - CHANNEL MANAGEMENTT GUIDE Manual

12 Chapter 3. Building Custom Packages
gpg --export -a 'Your Name' > public_key.txt
Your public key is written to the file .
public_key.txt
This public key is quite important. It's the key that must be deployed to all client systems
that receive custom software through . Techniques for deploying this key across
up2date
an organization are covered in the Red Hat Network Client Configuration Guide.

3.2.2. Signing packages

Before you can sign packages, you need to configure your file to include
~/.rpmmacros
the following:
%_signature gpg
%_gpg_name B7085C8A
Replace the key ID value of B7085C8A with the key ID from your GPG
_gpg_name
keyring that you use to sign packages. This value tells RPM which signature to use.
To sign the package package-name-1.0-1.noarch.rpm, use the following com-
mand:
rpm --resign package-name-1.0-1.noarch.rpm
Enter your passphrase. To make sure the package is signed, use the following command:
rpm --checksig -v package-name-1.0-1.noarch.rpm
You should see the phrase in the output, with
Good signature from "Your Name"
Your Name replaced with the name associated with the signing key.