No public key: Key with id: (XXXXX) was not able to be located (oss.sonatype.org)

StackOverflow https://stackoverflow.com/questions/19462617

  •  01-07-2022
  •  | 
  •  

Domanda

I am trying to push my staging repository on oss.sonatype.org to central repository, but this action is getting failed and i am getting following exception

Event: Failed: Signature Validation
typeId  signature-staging
failureMessage  No public key: Key with id: (XXXXX) was not able to be located on http://keyserver.ubuntu.com:11371. Upload your public key and try the operation again.

I used gbp to generate public and well private key for me and i even sent public key to the server with following command

gpg --keyserver hkp://pool.sks-keyservers.net --send-keys EE539F98

Still i am getting same exception.I cross checked and there is only one Sub Key, not sure what else i need to do to push public key so as this can be found by nexus

È stato utile?

Soluzione

The various OpenPGP keyserver synchronize, but that takes some time. If you know which keyserver will be queried, you can directly upload your key there.

I did:

gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys EE539F98
gpg --keyserver hkp://keyserver.ubuntu.com --send-keys EE539F98

and now your key can successfully be found on Ubuntu's keyserver, without having to wait until it automatically synchronized.

Actually I ran the recv-command multiple times to find a keyserver in their pool which already had your key.

Altri suggerimenti

I got the error message:

No public key: Key with id: (xxxx) was not able to be located on http://keyserver.ubuntu.com:port. Upload your public key and try the operation again.

Then i entered the following command on console:

gpg --keyserver hkp://keyserver.ubuntu.com --send-keys xxxx

(removed the :port from the end of the hostname) It works!

Same thing here, the thing was :

  • uploading the key generated from my laptop works perfectly
  • uploading the key generated from the application server was not efficient, I did not get any error message but the key was never distributed

Maybe our application server was blocking this request, or maybe this one was rejected directly by Sonatype (like explained in https://issues.sonatype.org/browse/OSSRH-6697)

Anyway we found a workaround that I wanted to share with you guys :

  • generate the public key on your application server

gpg --gen-key

  • if you have already one, make a copy of pubring.gpg file in your local folder /Users/you/.gnupg/
  • download locally the public key pubring.gpg generated on your application server (using scp command for example), it should be located in the /home/username/.gnupg/ folder on your application server
  • put it in your local folder /Users/you/.gnupg/ and publish this key

gpg2 --list-keys

gpg2 --keyserver hkp://pool.sks-keyservers.net --send-keys KEYID

  • the key should be published by now

gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys KEYID

Please let me know if it helps!

Regards

gpg --keyserver hkp://keys.openpgp.org --send-keys your_public_key

I then retrived an email and cheked this key at https://keys.openpgp.org/

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top