NetWorker: RPM signing using GPG public key

Summary: Customers may request the NetWorker GPG public key because NetWorker RPM packages are signed and the public key must be imported on the Linux host before the RPM signature can be validated during installation. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

A customer is unable to validate or install a NetWorker RPM because the package signature check reports NOKEY, or the customer asks for the official NetWorker GPG public key used to sign RPM packages.

Cause

The NetWorker RPM was signed with the Dell/EMC NetWorker GPG key, but that public key has not yet been imported into the RPM database on the target Linux system.

Resolution

Use the following procedure to validate the package signature and import the NetWorker GPG public key. 

1. Run the following command against the NetWorker RPM file:
rpm --checksig -v <networker_package>.rpm

If the key is not yet present, the output may show NOKEY for the NetWorker signing key.

2. Save the NetWorker public key to a file:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBGFGIQMBCACoP7Is7dwv0LKZLWIq64xics7dURmDX5jc9Wd5eqMvGOIZnmM4
Ihc2CroHIHSok/6MsB+/ZgUMc7Fy85i9OX0Pf+tVDz4x5gLbnKQy2swKYTI6z4QW
pscldp9AaRRdH4FbMuOcrUP1NsUF+6l2glIIqPs4uamnIZ1HVbSkS6qThExcfknf
gk1vLrjn+Bod+c7SkmFjk8Eyo4rW4Bwqt3QGDgJSvWILTd0DEVBlQJL5ncaWk1Rc
2v2mA/7YePd/WTEU4LKHbqvRLLKS58wfUhEBmNMqN0R/qFRTsnfit8lV6dR233y2
sKkbCes/HEO4kudIQyRnmA8lrKMkOI3UDgK9ABEBAAG0H0VNQyBOZXRXb3JrZXIg
PHN1cHBvcnRAZW1jLmNvbT6JAVQEEwEKAD4CGwMFCwkIBwIGFQoJCAsCBBYCAwEC
HgECF4AWIQR7VtmhMwxm4inzPkqksfSa/0jRAQUCaO3eqAUJC2okpQAKCRCksfSa
/0jRAWaOB/9arrTVUnqmQnoyPk98XvjVUzqQFCgeTM+i3bsoPA4fcbMenKqMiQAF
/+SnXKTmN+I1WbAfFlr1n0kcLEaNeK8Vj0V1y7s3F8ZnMV4ucy08Y6AwUCKbwnFH
JvoYR1mxuEv0GgZEBqgnZTWWdrEsyozIYQQg65pTTchXeyNjaSp4X1p3Bb6dMf1i
h32vT6NF8JupLA8ffdMwMBdYslZGrmQZdSvUGUQUFoqK9x11GLMK9lQr2p8fW26q
aP+kQHvWnXk3LQlWZaPdY6JaVAItWE9igYft9q9AvccEdCFnmRZjKii0b83E4bV7
Jv8HrGUewfDfMZQl9IK59n71+VqncmkN
=zqbc
-----END PGP PUBLIC KEY BLOCK-----

Save it as a file such as networker-gpg-key.asc.

3. Import the saved key into the RPM database:

rpm --import networker-gpg-key.asc

4. Confirm that the key is present:

rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
5. Rerun the RPM signature check:
rpm --checksig -v <networker_package>.rpm

 The signature should now return OK instead of NOKEY

 

Affected Products

NetWorker Family
Article Properties
Article Number: 000454939
Article Type: Solution
Last Modified: 30 أبريل 2026
Version:  1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.