Creating keys for package signing: Difference between revisions

From Alpine Linux
(Category:Development)
(made a redirect)
 
Line 1: Line 1:
This document describes how to create a public and a private key for signing of packages and indexes. The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. This basically means that the main developers public keys should be in /etc/apk/keys on all alpine boxes.
#REDIRECT [[Abuild_and_Helpers#abuild-keygen]]
 
Since the public key needs to be unique for each developer the email address should be used as name for the public key.
 
== Create the private key ==
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}}
 
{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}}
 
== Creating the public key ==
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}}
 
[[Category:Development]]

Latest revision as of 12:10, 22 October 2012