RPM Signing | Utimaco Integration Guides

1. Create file /root/.rpmmacros in user's home directory and add the following content in it

›_ Console
`%_signature gpg %_gpg_path /root/.gnupg %_gpg_name test@utimaco.com %_gpg /usr/local/bin/gpg %_gpg_sign_cmd %{_gpg} gpg --force-v3-sigs --batch --verbose --no-armor -no-secmem-warning -u "%{_gpg_name}" -sbo %{_signature_filename} --digestalgo filename}`

›_ Console

%_signature gpg 
%_gpg_path /root/.gnupg
%_gpg_name test@utimaco.com 
%_gpg /usr/local/bin/gpg 
%_gpg_sign_cmd %{_gpg} gpg --force-v3-sigs --batch --verbose --no-armor -no-secmem-warning -u "%{_gpg_name}" -sbo %{_signature_filename} --digestalgo filename}

Content of rpmmacros file

Here:

/root/.gnupg is the base directory for gnupg
test@utimaco.com is the key name
/usr/local/bin/gpg is the path for gpg
%{_gpg} gpg --force-v3-sigs --batch --verbose --no-armor --no-secmem-warning -u "%{_gpg_name}" -sbo %{_signature_filename} --digest-algo filename} is the gpg command that will be used for signing rpm

Sign the file using below command

›_ Console
`# rpm --addsign <rpm_file>`

Provide the slot PIN when prompted.

If you want to sign it again then run the below command. Provide the slot PIN when prompted.

›_ Console
`# rpm --resign <rpm_file>`

Resigning the rpm file