Reply
Explorer
Posts: 31
Registered: ‎04-15-2018
Accepted Solution

Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

I was installing Cloudera Manager in my Ubuntu  Xenial machine.

 

When the agents are installing I got the following problem

 

BEGIN apt-get update

Hit:1 http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5 InRelease

Hit:2 https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5.15.0 InRelease

Get:3 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB]

Hit:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease

Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB]

Err:3 http://security.ubuntu.com/ubuntu xenial-security InRelease

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

Err:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

Ign:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease

Ign:4 https://attic.owncloud.com/org/download/repositories/stable/Ubuntu_16.04 InRelease

Hit:7 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04 Release

Err:8 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04 Release.gpg

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

Fetched 216 kB in 2s (98.0 kB/s)

Reading package lists...

W: http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5.15.0/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://security.ubuntu.com/ubuntu xenial-security InRelease:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://us.archive.ubuntu.com/ubuntu xenial InRelease:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

W: GPG error: http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

W: The repository 'http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease' is not signed.

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04 Release:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial/InRelease

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

 

 

Can anybody give the fix

 

Thanks and Regards

Solomonchinni.

Explorer
Posts: 31
Registered: ‎04-15-2018

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

[ Edited ]

Got the fix for public keys

 

  • For the above error, I ran

 

 $ sudo apt-key adv  --recv-keys --keyserver keyserver.ubuntu.com 47AE7F72479BC94B

 $ sudo apt-key adv  --recv-keys --keyserver keyserver.ubuntu.com 3B4FE6ACC0B21F32

 

https://askubuntu.com/questions/235880/how-to-fix-gpg-in-updater

 

  • Again I ran update command    $sudo apt-get update  I got  

 

Hit:1 http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5 InRelease

Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB]                                                                    

Hit:3 https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5.15.0 InRelease                                                       

Hit:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease                                              

Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB]

Get:7 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages [542 kB]

Ign:4 https://attic.owncloud.com/org/download/repositories/stable/Ubuntu_16.04  InRelease

Get:8 http://security.ubuntu.com/ubuntu xenial-security/main Translation-en [230 kB]

Hit:9 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04  Release

Err:10 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04  Release.gpg

 The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

Get:11 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [365 kB]

Get:12 http://security.ubuntu.com/ubuntu xenial-security/universe Translation-en [138 kB]

Fetched 1,490 kB in 3s (377 kB/s)                     

Reading package lists... Done

W: http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5.15.0/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04  Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

W: Failed to fetch http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

W: Some index files failed to download. They have been ignored, or old ones used instead.

 

  • I took the public key  47AE7F72479BC94B  and ran

 

$ sudo apt-key adv  --recv-keys --keyserver keyserver.ubuntu.com 47AE7F72479BC94B

 

The following error was gone

 

W: Failed to fetch http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

 

But still

 

W: http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5.15.0/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

 

Remains same.

I saw one conversation in our community in which they said ubuntu 16.04 has no support forCDH5.

Can I install CDH in xenial version?

 

Thanks and Regards 

Solomonchinni

 

Posts: 1,043
Topics: 1
Kudos: 262
Solutions: 130
Registered: ‎04-22-2014

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

@solomonchinni,

 

Ubuntu 16 has been supported for some time and is indeed supported for CDH 5.15.x:

https://www.cloudera.com/documentation/enterprise/release-notes/topics/rn_consolidated_pcm.html#conc...

 

Also, it appears you fixed your own issue and the update was successful. 

The Warning is a warning and Cloudera will be updating signature keys to sha256 as of CM/CDH 6.

 

Based on your output there are no errors on update so we expect the update to have succeeded.  Verify with dpkg.  I believe "apt-get update" is silent so you would not see any non-Warning or above messages.

 

Explorer
Posts: 31
Registered: ‎04-15-2018

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

  • Thank you, Mr.bgooley for supporting me from past two posts. Your reply gave me joe.
  • The Cloudera-scm-agent was successfully installed and the update went smoothly
  • As you said ubuntu xenial is supporting the CDH5.

Kindly give me solution for another problem what I got in the further step which is the database set up

 

please refer the link which shows my post on the community

 

http://community.cloudera.com/t5/Cloudera-Manager-Installation/Problem-in-database-set-up-in-clouder...

 

Thanks,

solomonchinni

 

Announcements