Header V3 RSA/SHA1 Signature, key ID c105b9de: BAD
Thus if you yum update only installed one of the packages you will end up with a broken YUM and RPM. You might see error messages like these when trying to run YUM and RPM commands: error: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID xxx BAD error: rpmdbNextIterator: skipping h# 1784 Header V3 RSA/SHA1 Signature, key ID xxx BAD Most of the time you will have had nss-softokn-3.14.3-19 installed but not nss-softokn-freebl-3.14.3-19
To fix this you have to:
1. Manually download nss-softokn-freebl-3.14.3-19 yumdownloader nss-softokn-freebl or wget the RPMs
64-Bit servers / x86_64 run
wget ftp://195.220.108.108/linux/centos/6.6/updates/x86_64/Packages/nss-softokn-freebl-3.14.3-19.el6_6.x86_64.rpm
32-Bit Servers / i686 run
wget ftp://195.220.108.108/linux/centos/6.6/updates/i386/Packages/nss-softokn-freebl-3.14.3-19.el6_6.i686.rpm
2. Extract the RPM
64-Bit servers / x86_64 run
rpm2cpio nss-softokn-freebl-3.14.3-19.el6_6.x86_64.rpm | cpio -idmv
32-Bit Servers / i686 run
rpm2cpio nss-softokn-freebl-3.14.3-19.el6_6.i686.rpm | cpio -idmv
3. Copy .libfreeblpriv3.* to correct location
64-Bit servers / x86_64 run
cp ./lib64/libfreeblpriv3.* /lib64
32-Bit Servers / i686 run
cp ./lib/libfreeblpriv3.* /lib
4. Rerun Yum Update to update nss-softokn-freebl and FIX YUM and RPM
yum update If you still have problems you might have to reinstall yum as below for a 64bit server, 32bit servers will just need to locate the 32bit versions of the rpms! But most servers won’t need this:
wget http://mirror.centos.org/centos/6/os/x86_64/Packages/yum-3.2.29-60.el6.centos.noarch.rpm
wget http://mirror.centos.org/centos/6/os/x86_64/Packages/yum-plugin-fastestmirror-1.1.30-30.el6.noarch.rpm
wget http://mirror.centos.org/centos/6/os/x86_64/Packages/centos-release-6-6.el6.centos.12.2.x86_64.rpm
rpm -ivh --nodeps yum-3.2.29-60.el6.centos.noarch.rpm
rpm -ivh yum-plugin-fastestmirror-1.1.30-30.el6.noarch.rpm
rpm -ivh centos-release-6-6.el6.centos.12.2.x86_64.rpm
I have also had some questions about how to restore the rpmdb that got corrupted while trying to fix the problem, there are two ways:
First, copy a good copy of the /var/lib/rpm folder over from an identical good server of from a backups – you do have backups right?
On good server or from backup:
tar -cf rpmbackup.tar /var/lib/rpm
Then send the tar over to the bad server
On broken server:
cd /var/lib
mv /var/lib/rpm /var/lib/rpm.bak
tar -xf /location/to/rpmbackup.tar
Then you should be good to go!
The second way is to reinstall every rpm ever installed via checking the rpm install log. See the comment below
Bug Report: https://bugzilla.redhat.com/show_bug.cgi?id=1182337
Related videos on Youtube
Mike Castro Demaria
Updated on September 18, 2022Comments
-
Mike Castro Demaria over 1 year
I have a strange problem on Centos 6.6 with rpm.
I try to install rpm/srpm and i get this message :
rpm -v --checksig glibc-2.12-1.149.el6.src.rpm glibc-2.12-1.149.el6.src.rpm: Entête V3 RSA/SHA1 Signature, key ID c105b9de: BAD Header SHA1 digest: BAD V3 RSA/SHA1 Signature, key ID c105b9de: BAD MD5 digest: BAD
And from another server with same os version :
rpm -v --checksig glibc-2.12-1.149.el6.src.rpm glibc-2.12-1.149.el6.src.rpm: Entête V3 RSA/SHA1 Signature, key ID c105b9de: OK Header SHA1 digest: OK (e9db7a50918ba3d42cbd7da1e8dc4fa6dac7949f) V3 RSA/SHA1 Signature, key ID c105b9de: OK MD5 digest: OK (bf01b4a34aafa0fbc2d28d741f6546aa)
Any idea ? There is somebody i can backup/.restore to the server who have trouble ?
Thanks for your help.
-
Mike Castro Demaria over 9 years247359982ba6c898197d89e201ec3ccc vs 247359982ba6c898197d89e201ec3ccc checksum are the same
-
Admin over 9 yearsNo idea. Maybe this thread helps stackoverflow.com/questions/24376547/…
-
Mike Castro Demaria over 9 yearsOk found how to solve that : kiteplans.info/2015/01/15/…
-
slhck over 9 yearsPlease post an answer if you've found a solution. Thanks.
-