Docs Menu
Docs Home
/
Cluster-to-Cluster Sync
/
Install
/
Verify Packages

Verify RPM Packages (RHEL)

On this page

  • Before you Begin
  • Steps

The MongoDB release team digitally signs mongosync packages to certify that the packages are a valid and unaltered MongoDB release. Before you install mongosync, you can use the digital signature to validate the package.

This page describes how to verify .rpm packages on RHEL operating systems.

Before you Begin

If you don't have mongosync installed, download the mongosync package from the Download Center.

Steps

1

Import the MongoDB Server Tools public key in gpg and rpm

curl https://pgp.mongodb.com/server-Tools.asc | gpg --import
rpm --import https://pgp.mongodb.com/server-Tools.asc

If the key imports successfully, the command returns:

gpg: key 3132835C1D925D5B: public key "MongoDB CLI Tools Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

If you have previously imported the key, the command returns:

gpg: key 3132835C1D925D5B: "MongoDB CLI Tools Release Signing Key <packaging@mongodb.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
2

Verify the rpm file

rpm --checksig <path_to_mongosync_rpm_file>

If the file is signed, the command returns:

<path_to_mongosync_rpm_file> digests signatures OK

Back

Linux

Next

Connect