Difference between revisions of "Creating keys for package signing"

From Alpine Linux
Jump to: navigation, search
(made a redirect)
Line 1: Line 1:
This document describes how to create a public and a private key for signing of packages and indexes. The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. This basically means that the main developers public keys should be in /etc/apk/keys on all alpine boxes.
#REDIRECT [[Abuild_and_Helpers#abuild-keygen]]
Since the public key needs to be unique for each developer the email address should be used as name for the public key.
== Create the private key ==
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}}
{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}}
== Creating the public key ==
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}}

Latest revision as of 12:10, 22 October 2012