How to import suse_key for signed PTF packages
This document (7016511) is provided subject to the disclaimer at the end of this document.
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 15
The packages SUSE provides are signed against a special PTF key.
This key is not imported by default on SLES 12 and SLES 15 systems, even though it is provided by the suse-build-key RPM that is being installed automatically.
Error seen while installing a PTF patch using zypper.
Looking for gpg key ID B37B98A9 in cache /var/cache/zypp/pubkeys. Repository Plain RPM files cache does not define additional 'gpgkey=' URLs. <name of ptf file> (Plain RPM files cache): Signature verification failed [4-Signatures public key is not available] Abort, retry, ignore? [a/r/i] (a):
rpm --import /usr/share/doc/packages/suse-build-key/suse_ptf_key.asc
For AutoYaST driven installations this behavior causes a problem as the PTF key signature is no longer contained in the initrd and needs to be loaded in addition. The following pre-install part for AutoYaST will show how to import the PTF key from a HTTP-source:
<scripts> <pre-scripts> <script> <interpreter>shell</interpreter> <filename>start.sh</filename> <source> <![CDATA[ #!/bin/sh /usr/bin/rpm --import http://FQDN/path/suse_ptf_key.asc ]]> </source> </script> </pre-scripts> </scripts>
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7016511
- Creation Date: 20-May-2015
- Modified Date:09-Dec-2020
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: email@example.com