Details

    • Type: New Project New Project
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Labels:
      None

      Description

      Can't close repository - public key not recognised.

      Sonatype reports

      "
      Ruleset Evaluation Report
      Staging ruleset evaluation on repository 'com.basho.riak-010 (u:russelldb, a:94.195.91.102)' has failed.

      Staging Signature Validation
      -No public key: Key with id: (e55b1eed939cc26) was not able to be located on http://keyserver.ubuntu.com:11371. Upload your public key and try the operation again.
      -No public key: Key with id: (e55b1eed939cc26) was not able to be located on http://pool.sks-keyservers.net:11371/. Upload your public key and try the operation again.
      -No public key: Key with id: (e55b1eed939cc26) was not able to be located on http://pgp.mit.edu:11371/. Upload your public key and try the operation again."

      Yet that is not a valid key id.

      gpg --keyserver hkp://pgp.mit.edu --recv-keys 0e55b1eed939cc26

      gpg: requesting key D939CC26 from hkp server pgp.mit.edu
      gpg: key E1EEBA5E: "Russell David Brown <russelldb@basho.com>" not changed
      gpg: Total number processed: 1
      gpg: unchanged: 1

      and my key is resolved.

      I'm using gpg on os x, if that helps at all.

        Activity

        Hide
        Russell Brown added a comment -

        The displayed key id is not a valid key id.

        Show
        Russell Brown added a comment - The displayed key id is not a valid key id.
        Hide
        Russell Brown added a comment -

        I tried with a new key, generated on ubuntu this time, and I get the same outcome but at least the key id in the error message is correct:

        Nexus says:

        "taging ruleset evaluation on repository 'com.basho.riak-042 (u:russelldb, a:94.195.91.102)' has failed.

        Staging Signature Validation
        -No public key: Key with id: (79830025fa3659e9) was not able to be located on http://keyserver.ubuntu.com:11371. Upload your public key and try the operation again.
        -No public key: Key with id: (79830025fa3659e9) was not able to be located on http://pool.sks-keyservers.net:11371/. Upload your public key and try the operation again.
        -No public key: Key with id: (79830025fa3659e9) was not able to be located on http://pgp.mit.edu:11371/. Upload your public key and try the operation again.
        "

        BUT Gpg says: -

        "
        gpg --keyserver hkp://pgp.mit.edu --recv-keys 79830025fa3659e9

        gpg: requesting key FA3659E9 from hkp server pgp.mit.edu
        gpg: key D9D3D170: "Russell Brown (Temp Key for release) <russelldb@basho.com>" not changed
        gpg: Total number processed: 1
        gpg: unchanged: 1
        "

        any ideas how to get this jar released? Next step is to try from windows (if I can find a windows machine)

        Show
        Russell Brown added a comment - I tried with a new key, generated on ubuntu this time, and I get the same outcome but at least the key id in the error message is correct: Nexus says: "taging ruleset evaluation on repository 'com.basho.riak-042 (u:russelldb, a:94.195.91.102)' has failed. Staging Signature Validation -No public key: Key with id: (79830025fa3659e9) was not able to be located on http://keyserver.ubuntu.com:11371 . Upload your public key and try the operation again. -No public key: Key with id: (79830025fa3659e9) was not able to be located on http://pool.sks-keyservers.net:11371/ . Upload your public key and try the operation again. -No public key: Key with id: (79830025fa3659e9) was not able to be located on http://pgp.mit.edu:11371/ . Upload your public key and try the operation again. " BUT Gpg says: - " gpg --keyserver hkp://pgp.mit.edu --recv-keys 79830025fa3659e9 gpg: requesting key FA3659E9 from hkp server pgp.mit.edu gpg: key D9D3D170: "Russell Brown (Temp Key for release) <russelldb@basho.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 " any ideas how to get this jar released? Next step is to try from windows (if I can find a windows machine)
        Hide
        Juven Xu added a comment -

        looks like you are using a sub key for signing your artifacts:

        $ gpg --verify riak-client-0.14.1.pom.asc
        gpg: Signature made Fri 01 Apr 2011 03:47:21 PM CST using RSA key ID FA3659E9
        gpg: Good signature from "Russell Brown (Temp Key for release) <russelldb@basho.com>"
        
        $ gpg --list-keys 
        pub   2048R/D9D3D170 2011-04-01 [expires: 2011-04-02]
        uid                  Russell Brown (Temp Key for release) <russelldb@basho.com>
        sub   2048R/FA3659E9 2011-04-01 [expires: 2011-04-02]
        

        maybe you used some gui tool to create your key? I received similar issue before, the advice to use cli to create your key.

        Show
        Juven Xu added a comment - looks like you are using a sub key for signing your artifacts: $ gpg --verify riak-client-0.14.1.pom.asc gpg: Signature made Fri 01 Apr 2011 03:47:21 PM CST using RSA key ID FA3659E9 gpg: Good signature from "Russell Brown (Temp Key for release) <russelldb@basho.com>" $ gpg --list-keys pub 2048R/D9D3D170 2011-04-01 [expires: 2011-04-02] uid Russell Brown (Temp Key for release) <russelldb@basho.com> sub 2048R/FA3659E9 2011-04-01 [expires: 2011-04-02] maybe you used some gui tool to create your key? I received similar issue before, the advice to use cli to create your key.
        Hide
        Russell Brown added a comment -

        Second attempt with the tmp key was generated using gpg cli on ubuntu. There is no way to select which key is used for signing a far as I can tell, do you know of a way?

        Show
        Russell Brown added a comment - Second attempt with the tmp key was generated using gpg cli on ubuntu. There is no way to select which key is used for signing a far as I can tell, do you know of a way?
        Hide
        Russell Brown added a comment -

        Woo Ha! I generated a key with no sub key (IE a sign only key) and that worked.

        Thanks for the help.

        Show
        Russell Brown added a comment - Woo Ha! I generated a key with no sub key (IE a sign only key) and that worked. Thanks for the help.
        Hide
        Juven Xu added a comment -

        problem resolved, closing issue

        Show
        Juven Xu added a comment - problem resolved, closing issue
        Hide
        Steve Swinsburg added a comment -

        FYI, I had this same problem, the artifact was being signed with the sub key. GPG keychain access allowed me to delete the sub key so I didn't need to regenerate my main one. I then re-released and it was fine.

        Show
        Steve Swinsburg added a comment - FYI, I had this same problem, the artifact was being signed with the sub key. GPG keychain access allowed me to delete the sub key so I didn't need to regenerate my main one. I then re-released and it was fine.

          People

          • Assignee:
            Juven Xu
            Reporter:
            Russell Brown
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: