GPG

Beginning in 2023 we migrated the key used to sign our yum/dnf/zypper repositories and to sign our source code and binary tarballs to the same key we use for Debian and Ubuntu.

Key ID and Fingerprint information is in the MariaDB Community Server Debian/Ubuntu Key section, above.

The key can be imported on RPM-based systems using the following command:

sudo rpm --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY

or

sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY

The GPG Key ID of the MariaDB signing key we used for yum/dnf/zypper repositories and to sign our source code tarballs until the end of 2022 was 0xCBCB082A1BB943DB. The short form of the id is 0x1BB943DB and the full key fingerprint is:

1993 69E5 404B D5FC 7D2F E43B CBCB 082A 1BB9 43DB

This key was used by the yum/dnf/zypper repositories for RedHat, CentOS, Fedora, openSUSE, and SLES.

If you configure the mariadb.org rpm repositories using the repository configuration tool then your package manager will prompt you to import the key the first time you install a package from the repository.

You can also import the key directly using the following command:

sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY-2010

Information about the key we use on most platforms for MariaDB Enterprise Server releases:

• The short Key ID is: 0xE3C94F49

• The long Key ID is: 0xCE1A3DD5E3C94F49

• The full fingerprint of the key is: 4C47 0FFF EFC4 D3DC 5977 8655 CE1A 3DD5 E3C9 4F49

The key can be added on Debian-based systems using the following command:

sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xCE1A3DD5E3C94F49

• Usage of the apt-key command is deprecated in the latest versions of Debian and Ubuntu, and the replacement method is to download the keyring file to the /etc/apt/trusted.gpg.d/ directory. This can be done with the following:

sudo curl -LsSo /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg https://supplychain.mariadb.com/mariadb-keyring-2019.gpg

The key can be imported on RPM-based systems using the following command:

sudo rpm --import https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY

or

sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY

For RHEL, AlmaLinux, Rocky, and Oracle Linux 10 and above, there are new requirements around GPG keys used to sign rpm packages. For these distributions we have created a different GPG key for our Enterprise Server releases for these distributions.

Information on this key:

• The short Key ID is: 0x8C27D14E

• The long Key ID is: 0x5D87FACA8C27D14E

• The full fingerprint of the key is: BB2A 36F3 6C3B 4D37 3BAC 328A 5D87 FACA 8C27 D14E

The key can be imported on RPM-based systems using the following command:

sudo rpm --import https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY-2025

or

sudo rpmkeys --import https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY-2025