New Percona Package Signing Key Requires Update on RHEL and CentOS

On December 20th, 2018 we began to sign our packages with a new encryption key. Our percona-release package contains both the latest and older package signing keys. However, older versions of the percona-release rpm package do not contain our latest key. Users with older percona-release packages installed, that have not been updated, may see an error message when trying to install our newer packages.

Redhat Enterprise Linux (RHEL) and CentOS users may see an error similar to the following:

Thankfully,  the solution to this problem is simple. You will need to update your percona-release package before installing packages that are signed with the latest encryption key:

Ubuntu and Debian systems will not encounter this error as package signing and key verification works differently on those systems.


Photo by Markus Spiske on Unsplash

Share this post

Comments (2)

  • Hrvoje Reply

    Just a comment I think I actually got that error even when I tried updating percona-release… what worked for me in the end was
    yum remove percona-release
    yum install percona-release

    February 5, 2019 at 3:38 pm
  • William Volkman Reply

    Broken for me also, upgrading does not give a working configuration. The defaults do not work.
    The GPG keys listed for the “Percona-Release YUM repository – x86_64” repository are already installed but they are not correct for this package.
    sudo(“yum install -y http://www.percona.com/downloads/percona-release/redhat/0.1-6/percona-release-0.1-6.noarch.rpm“)
    sudo(“yum update -y percona-release”) #FIXME: They broke it – do not try this
    sudo(‘percona-release setup ps56’) #NOTE: They do not support Amazon AMI (or ps56) so cannot do this

    February 15, 2019 at 9:09 pm

Leave a Reply