GPG
The MariaDB project signs their MariaDB packages for Debian, Ubuntu, Fedora, and Red Hat. This page documents information about the keys that we use and have used.
MariaDB Community Server Debian / Ubuntu key
Our MariaDB Community Server repositories for Debian "Sid" and the Ubuntu 16.04 and beyond "Xenial" use the following GPG signing key. As detailed in MDEV-9781, APT 1.2.7 (and later) prefers SHA2 GPG keys and now prints warnings when a repository is signed using a SHA1 key like our previous GPG key. We have created a SHA2 key for use with these.
Information about this key:
The short Key ID is:
0xC74CD1D8
The long Key ID is:
0xF1656F24C74CD1D8
The full fingerprint of the key is:
177F 4010 FE56 CA33 3630 0305 F165 6F24 C74C D1D8
The key can be added on Debian-based systems using the following command:
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
Usage of the
apt-key
command is deprecated in the latest versions of Debian and Ubuntu, and the replacement method is to download the keyring file to the/etc/apt/trusted.gpg.d/
directory. This can be done with the following:
sudo curl -LsSo /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg https://supplychain.mariadb.com/mariadb-keyring-2019.gpg
MariaDB Community Server RPM / Source Keys
Beginning in 2023 we migrated the key used to sign our yum/dnf/zypper
repositories and to sign our source code and binary tarballs to the same key we use for Debian and Ubuntu.
Key ID and Fingerprint information is in the MariaDB Community Server Debian/Ubuntu Key section, above.
The key can be imported on RPM-based systems using the following command:
sudo rpm --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY
or
sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY
MariaDB Enterprise GPG Keys
Information about the key we use on most platforms for MariaDB Enterprise Server releases:
The short Key ID is:
0xE3C94F49
The long Key ID is:
0xCE1A3DD5E3C94F49
The full fingerprint of the key is:
4C47 0FFF EFC4 D3DC 5977 8655 CE1A 3DD5 E3C9 4F49
The key can be added on Debian-based systems using the following command:
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xCE1A3DD5E3C94F49
Usage of the
apt-key
command is deprecated in the latest versions of Debian and Ubuntu, and the replacement method is to download the keyring file to the/etc/apt/trusted.gpg.d/
directory. This can be done with the following:
sudo curl -LsSo /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg https://supplychain.mariadb.com/mariadb-keyring-2019.gpg
The key can be imported on RPM-based systems using the following command:
sudo rpm --import https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY
or
sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY
Configuring Repositories
See the this page for details on using the mariadb_repo_setup
and mariadb_es_repo_setup
scripts to configure repositories that use these keys.
See the details on configuring MariaDB Foundation repositories that use these keys.
This page is licensed: CC BY-SA / Gnu FDL
Last updated
Was this helpful?