miken32
(miken32)
November 4, 2022, 4:04pm
1
Migrating a bunch of boxes from 13 to 16 and am once again facing issues with our modules’ signatures.
fwconsole ma refreshsignatures
reports the signatures are good:
Checking restart...
Good
My key is in the asterisk user’s keychain, and it’s been signed by both new and old FreePBX keys. But the dashboard reports errors:
Module “Bulk Phone Restart” signed by an invalid key.
Module: “Bulk Phone Restart”, File: “module.sig check failed! Signed by unknown, untrusted key.”
What’s the story? Am I really the only one signing my own modules out there? Things keep breaking…
miken32
(miken32)
November 4, 2022, 8:09pm
2
Ok solved my own problem again. Even though the key is shown as signed by FreePBX on the keyserver’s web interface, the output from gpg --check-sigs
wasn’t showing this.
With the help of this Security Stack Exchange answer I created /var/lib/asterisk/.gnupg/gpg.conf
with this content:
keyserver-options no-self-sigs-only,no-import-clean
And all is now working as expected.
system
(system)
Closed
December 5, 2022, 8:09pm
3
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.