Using GPG Keys
SUSE Manager uses GPG keys to check the authenticity of software packages installed on clients. In many cases, you do not need to adjust the GPG settings to be able to install software on your clients.
By default, some operating systems do not trust the GPG key for the SUSE Manager client tools. The clients can be successfully bootstrapped without the GPG key being trusted. However, you cannot install new client tool packages or update them until the keys are trusted.
On the SUSE Manager Server, at the command prompt, check the contents of the
/srv/www/htdocs/pub/directory. This directory contains all available public keys. Take a note of the key that applies to the client you are registering.
Open the relevant bootstrap script, locate the
ORG_GPG_KEY=parameter and add the required key. For example:
You do not need to delete any previously stored keys.
If you are bootstrapping clients from the SUSE Manager Web UI, you need to use a Salt state to trust the key. Create the Salt state and assign it to the organization. You can then use an activation key and configuration channels to deploy the key to the clients.