I create a custom iso based on openSUSE-Leap-15.5-DVD-x86_64-Build491.1-Media. I created the repodata and created my own gpg key to sign repodata/repomd.xml.
When installing my custom iso, I get the error message in a red window “cd:/repodata/repomd.xml: Invalid signature Installation aborted”. I hit the ok button, the installation continues and succeeds.
Does anyone know what is going on for the error red window and how to solve this issue?
Thanks in advance.
How did you expect installation image to become aware of this key?
The linuxrc is using key(s) from the keyring /installkey.gpg in initrd to verify files it opens. Booting with insecure=1 should disable these checks. Or add your key to the keyring.
As far as I can tell, it is initialized at run-time from the other content:
if [ -d /usr/lib/rpm/gnupg/keys ] ; then
touch /installkey.gpg
gpg --batch --homedir /root/.gnupg --no-default-keyring --ignore-time-conflict --ignore-valid-from --keyring /installkey.gpg --import /usr/lib/rpm/gnupg/keys/*
mkdir -p /pubkeys
for i in /usr/lib/rpm/gnupg/keys/*.asc ; do
[ -f "$i" ] && ln -s "$i" "/pubkeys/${i##*/}.key"
done
elif [ -f /usr/lib/rpm/gnupg/suse-build-key.gpg ] ; then
cp /usr/lib/rpm/gnupg/suse-build-key.gpg /installkey.gpg
fi