As part of automating the packaging process for Puppet Dashboard we ran into some baffling issues regarding the package signatures. Initially, we ended up with a package that was recognized as having a valid signature on some systems, but not others (Good with RPM 4.7.2, bad with 18.104.22.168). Additionally, when we tried signing the package with our “normal” GPG keys to try and debug this, we were unable to get a good signature from any of the systems we were testing with.
After much cursing, and Googling, we were able to find the correct incantation to get past the gauntlet of bizarre RPM behavior. Read More ›