Bug #6204

GPG key retrieval failed on client when Installing a package from custom repo.

Added by Brad Buckingham over 6 years ago. Updated over 2 years ago.

Web UI
Target version:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:


Cloned from
Description of problem:
I registered a rhel6.4 client with sat6 server and subscribed a custom repo. when I tried to install a package on client then got following error:

Downloading Packages:
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID f78fb195: NOKEY
Retrieving key from

GPG key retrieval failed: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"

on server production.log says: =================================
ActionController::RoutingError (No route matches [GET] "/katello/katello/api/repositories/56/gpg_key_content"):
/usr/lib/ruby/gems/1.8/gems/passenger-4.0.18/lib/phusion_passenger/rack/thread_handler_extension.rb:77:in `process_request'
/usr/lib/ruby/gems/1.8/gems/passenger-4.0.18/lib/phusion_passenger/request_handler/thread_handler.rb:140:in `accept_and_process_next_request'
/usr/lib/ruby/gems/1.8/gems/passenger-4.0.18/lib/phusion_passenger/request_handler/thread_handler.rb:108:in `main_loop'
/usr/lib/ruby/gems/1.8/gems/passenger-4.0.18/lib/phusion_passenger/request_handler.rb:441:in `block (3 levels) in start_threads'

Version-Release number of selected component (if applicable):


Client rhel6.4: =============

server-side packages: ===================
  • apr-util-ldap-1.3.9-3.el6_0.1.x86_64
  • candlepin-0.9.7-1.el6_5.noarch
  • candlepin-scl-1-5.el6_4.noarch
  • candlepin-scl-quartz-2.1.5-5.el6_4.noarch
  • candlepin-scl-rhino-1.7R3-1.el6_4.noarch
  • candlepin-scl-runtime-1-5.el6_4.noarch
  • candlepin-selinux-0.9.7-1.el6_5.noarch
  • candlepin-tomcat6-0.9.7-1.el6_5.noarch
  • elasticsearch-0.90.10-4.el6sat.noarch
  • foreman-
  • foreman-compute-
  • foreman-gce-
  • foreman-libvirt-
  • foreman-ovirt-
  • foreman-postgresql-
  • foreman-proxy-
  • foreman-selinux-1.5.0-0.develop.el6sat.noarch
  • foreman-vmware-
  • katello-1.5.0-22.el6sat.noarch
  • katello-ca-1.0-1.noarch
  • katello-certs-tools-1.5.5-1.el6sat.noarch
  • katello-installer-0.0.37-1.el6sat.noarch
  • openldap-2.4.23-32.el6_4.1.x86_64
  • pulp-katello-plugins-0.2-1.el6sat.noarch
  • pulp-nodes-common-2.3.1-0.4.beta.el6sat.noarch
  • pulp-nodes-parent-2.3.1-0.4.beta.el6sat.noarch
  • pulp-puppet-plugins-2.3.1-0.4.beta.el6sat.noarch
  • pulp-rpm-plugins-2.3.1-0.4.beta.el6sat.noarch
  • pulp-selinux-2.3.1-0.4.beta.el6sat.noarch
  • pulp-server-2.3.1-0.4.beta.el6sat.noarch
  • python-ldap-2.3.10-1.el6.x86_64
  • ruby193-rubygem-ldap_fluff-0.2.2-2.el6sat.noarch
  • ruby193-rubygem-net-ldap-0.3.1-3.el6sat.noarch
  • ruby193-rubygem-runcible-1.0.8-1.el6sat.noarch
  • rubygem-hammer_cli-0.1.0-12.el6sat.noarch
  • rubygem-hammer_cli_foreman-0.1.0-12.el6sat.noarch
  • rubygem-hammer_cli_foreman_tasks-0.0.2-5.el6sat.noarch
  • rubygem-hammer_cli_katello-0.0.3-22.el6sat.noarch
    How reproducible:

Steps to Reproduce:
on server: =========
1. create gpgkey with:
2. create a prouct/repo with url and provide above created key name
3. create a cv and add the product and publish it to 'Library'

on client: ============
1. register client with cmd:
subscription-manager register --username admin --password changeme --env Library

2. subscribe the client to custom product
subscription-manager subscribe --pool <pool-id>
3. yum repolist

Actual results:
GPG key retrieval failed: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"

Expected results:
gpg-key should be retrieved

Additional info:

If I manually install key on client with rpm --import <keyname> then package install is it means key is correct.

Also, redhat.repo is populated with repo name as below:

name = zoo3
baseurl =
enabled = 1
gpgcheck = 1
gpgkey =
sslverify = 1
sslcacert = /etc/rhsm/ca/candlepin-local.pem
sslclientkey = /etc/pki/entitlement/3399980321529909903-key.pem
sslclientcert = /etc/pki/entitlement/3399980321529909903.pem

Associated revisions

Revision 76f9cace (diff)
Added by Brad Buckingham over 6 years ago

fixes #6204 / BZ 1099016 - Fix gpg key on repo create and yum retrieval

This commit addresses 2 issues:
1. update the repo create to support associating the gpg key url
in candlepin
2. update the v2 api to expose the 'gpg_key_content' api to enable
yum clients to retrieve the key

Revision 1070b87b
Added by Brad Buckingham over 6 years ago

Merge pull request #4263 from bbuckingham/issue-6204

fixes #6204 / BZ 1099016 - Fix gpg key on repo create and yum retrieval


#1 Updated by Brad Buckingham over 6 years ago

  • Assignee set to Brad Buckingham
  • Target version set to 45
  • Legacy Backlogs Release (now unused) set to 13
  • Triaged set to Yes

#2 Updated by Eric Helms over 6 years ago

  • Target version changed from 45 to 48

#3 Updated by Brad Buckingham over 6 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Applied in changeset katello|commit:76f9cace1b2e0ddc4bdae05027bd83c0b034c4dc.

Also available in: Atom PDF