[RTFACT-20792] Resolution error from debian virtual repository with gpg key and smart repo - JFrog JIRA

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Duplicate
Affects Version/s: 6.12.0
Fix Version/s: None
Component/s: Debian
Labels:
None

Description

Use-Case Details:

Artifactory-Target has a virtual repository, it comprises of a smart remote repository.

This smart repository is using local repository on Artifactory-Source.

Artifactory-Source & Artifactory-Target have GPG keys installed.

Both public keys are trusted by Ubuntu-Client, using 'sudo apt-key add <public.key>'

Artifactory-Target is set in '/etc/apt/sources.list' file.

deb <artifactory-url-to-debian-repository> trusty main restricted

We are seeing problems with virtual repository during 'sudo apt-get update' on Ubuntu-Client

When I am using the smart remote repository in 'sources.list' file, it works fine.

But, when I am using the virtual repository in 'sources.list' file, it throws the following error.

W: GPG error: http://10.168.0.123:8081/artifactory/debian trusty Release: The following signatures were invalid: BADSIG AF9C78DAE5C07BCB Sanjeev Karani <sanjeevk@jfrog.com>
W: The repository 'http://10.168.0.123:8081/artifactory/debian trusty Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Attachments

Issue Links

duplicates

RTFACT-20257 Initial GPG Verification Fails When Using Your Own GPG Keys In Debian Client When Resolving From Debian Virtual Repository

Open

Activity

People

Assignee:

Unassigned

Reporter:

Sanjeev Karani

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

06/Dec/19 12:57 AM

Updated:

23/Dec/19 3:59 PM

Resolved:

23/Dec/19 3:59 PM