circle-info
Webinar | The Great Database Exodus: Navigating Strategic Risk in the Post-Oracle MySQL Era
Watch Nowarrow-up-right
search
Download MariaDBContact Us

GPG

Information about the GPG keys used to sign MariaDB packages and repositories, including how to import them for verification.

The MariaDB project signs their MariaDB packages for Debian, Ubuntu, Fedora, and Red Hat. This page documents information about the keys that we use and have used.

hashtag
MariaDB Community Server Debian / Ubuntu key

Our MariaDB Community Server repositories for Debian "Sid" and the Ubuntu 16.04 and beyond "Xenial" use the following GPG signing key. As detailed in MDEV-9781arrow-up-right, APT 1.2.7 (and later) prefers SHA2 GPG keys and now prints warnings when a repository is signed using a SHA1 key like our previous GPG key. We have created a SHA2 key for use with these.

Information about this key:

  • The short Key ID is: 0xC74CD1D8

  • The long Key ID is: 0xF1656F24C74CD1D8

  • The full fingerprint of the key is: 177F 4010 FE56 CA33 3630 0305 F165 6F24 C74C D1D8

  • The key can be added on Debian-based systems using the following command:

sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8

  • Usage of the apt-key command is deprecated in the latest versions of Debian and Ubuntu, and the replacement method is to download the keyring file to the /etc/apt/trusted.gpg.d/ directory. This can be done with the following:

sudo curl -LsSo /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg https://supplychain.mariadb.com/mariadb-keyring-2019.gpg

hashtag
MariaDB Community Server RPM / Source Keys

Beginning in 2023 we migrated the key used to sign our yum/dnf/zypper repositories and to sign our source code and binary tarballs to the same key we use for Debian and Ubuntu.

Key ID and Fingerprint information is in the MariaDB Community Server Debian/Ubuntu Key section, above.

The key can be imported on RPM-based systems using the following command:

sudo rpm --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY

or

sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY

hashtag
MariaDB Enterprise GPG Keys

Information about the key we use on most platforms for MariaDB Enterprise Server releases:

  • The short Key ID is: 0xE3C94F49

  • The long Key ID is: 0xCE1A3DD5E3C94F49

  • The full fingerprint of the key is: 4C47 0FFF EFC4 D3DC 5977 8655 CE1A 3DD5 E3C9 4F49

On Debian / Ubuntu systems, you can install the keyring containing this key with:

The key can be imported on RPM-based systems using the following command:

or

hashtag
MariaDB MaxScale GPG Keys

In December 2025, MariaDB MaxScale moved to using the same GPG key used by MariaDB Enterprise Server for RHEL 10 and Debian 13 Trixie.

Information on this key:

  • The short Key ID is: 0x8C27D14E

  • The long Key ID is: 0x5D87FACA8C27D14E

  • The full fingerprint of the key is: BB2A 36F3 6C3B 4D37 3BAC 328A 5D87 FACA 8C27 D14E

On Debian / Ubuntu systems, you can install the keyring containing this key with:

The key can be imported on RPM-based systems using the following command:

or

hashtag
Configuring Repositories

See the MariaDB Package Repository Setup and Usage page for details on using the mariadb_repo_setup and mariadb_es_repo_setup scripts to configure repositories that use these keys.

See the detailsarrow-up-right on configuring MariaDB Foundation repositories that use these keys.

This page is licensed: CC BY-SA / Gnu FDL

spinner
PreviousMariaDB Binary PackagesNextInstalling MariaDB Alongside MySQL

Last updated

Was this helpful?