mpoindexter
commented
7 years ago openssl isn't the right way to do this. You'll want to use GPG or PGP. You would generate that using a command something like gpg --gen-key.
Closed spashx closed 7 years ago
mpoindexter
commented
7 years ago openssl isn't the right way to do this. You'll want to use GPG or PGP. You would generate that using a command something like gpg --gen-key.
mpoindexter
commented
7 years ago Closing due to lack of activity
Hi, I'm running Nexus 3.5.0-02 OSS on Windows. I installed nexus-repository-apt in the "(most) Permanent Install" mode (can not run it through the karaf console since console crash everytime - it's a known issue on Windows). I did create an apt-hosted repo, but now I'm stick into the "PGP signing key pair" configuration. When trying to upload a .deb package with curl, Nexus always returns: Error 500 - "Can't find signing key in key ring"
Here are the steps I did: Generate a RSA 2048 keypair with openssl with a pass like this:
openssl genrsa -passout pass:test -out privkey.pemThen paste the output of the RSA PRIVATE KEY section generated by:
openssl rsa -text -in privkey.pemas the PGP signing key pair and set the passphrase to "test".On the client side, I call curl using the .pem file thru the cacert parameter:
curl -u <user>:<pass> -X POST -H "Content-Type: multipart/form-data" --data-binary "@htop_2.0.2-1_amd64.deb" --cacert privkey.pem https://<server>/nexus/repository/<repo>/I assume my PGP signing pair is incorrect ? I looked into source code, but did not find more information from AptSigningFacet.javaCan you please give an example on how to generate a valid content for "PGP signing key pair" and how to use it with curl ?
Thank you.