-
Task
-
Resolution: Done
-
Minor
-
None
-
None
-
False
-
False
-
-
1
-
Testable
The RPM-GPG-KEY-redhat-legacy-release that was used to verify rpm signatures on RHEL 5 is bundled within the convert2rhel rpm and convert2rhel imports the GPG key during the conversion.
The reason why convert2rhel imports RHEL gpg keys is for rpm/yum to trust the RHEL rpms that are being installed during the conversion. Convert2rhel dropped support for converting to RHEL 5 long time ago hence there's no need to import the GPG key used to sign RHEL 5 packages.
Acceptance criteria
- the https://github.com/oamg/convert2rhel/blob/main/convert2rhel/data/version-independent/gpg-keys/RPM-GPG-KEY-redhat-legacy-release is removed from the repo and with that:
- it's not shipped within the convert2rhel rpm
- it's not imported during the conversion
- relates to
-
RHELC-322 Import SHA2 RPM GPG key on RHEL 9
- Closed
There are no Sub-Tasks for this issue.