Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

SOLVED Go to solution
Highlighted

Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

I was installing Cloudera Manager in my Ubuntu  Xenial machine.

 

When the agents are installing I got the following problem

 

BEGIN apt-get update

Hit:1 http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5 InRelease

Hit:2 https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5.15.0 InRelease

Get:3 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB]

Hit:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease

Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB]

Err:3 http://security.ubuntu.com/ubuntu xenial-security InRelease

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

Err:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

Ign:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease

Ign:4 https://attic.owncloud.com/org/download/repositories/stable/Ubuntu_16.04 InRelease

Hit:7 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04 Release

Err:8 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04 Release.gpg

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

Fetched 216 kB in 2s (98.0 kB/s)

Reading package lists...

W: http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5.15.0/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://security.ubuntu.com/ubuntu xenial-security InRelease:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://us.archive.ubuntu.com/ubuntu xenial InRelease:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

W: GPG error: http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

W: The repository 'http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease' is not signed.

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04 Release:

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/xenial/InRelease

The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

 

 

Can anybody give the fix

 

Thanks and Regards

Solomonchinni.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

Super Guru

@solomonchinni,

 

Ubuntu 16 has been supported for some time and is indeed supported for CDH 5.15.x:

https://www.cloudera.com/documentation/enterprise/release-notes/topics/rn_consolidated_pcm.html#conc...

 

Also, it appears you fixed your own issue and the update was successful. 

The Warning is a warning and Cloudera will be updating signature keys to sha256 as of CM/CDH 6.

 

Based on your output there are no errors on update so we expect the update to have succeeded.  Verify with dpkg.  I believe "apt-get update" is silent so you would not see any non-Warning or above messages.

 

3 REPLIES 3

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

Got the fix for public keys

 

  • For the above error, I ran

 

 $ sudo apt-key adv  --recv-keys --keyserver keyserver.ubuntu.com 47AE7F72479BC94B

 $ sudo apt-key adv  --recv-keys --keyserver keyserver.ubuntu.com 3B4FE6ACC0B21F32

 

https://askubuntu.com/questions/235880/how-to-fix-gpg-in-updater

 

  • Again I ran update command    $sudo apt-get update  I got  

 

Hit:1 http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5 InRelease

Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB]                                                                    

Hit:3 https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm xenial-cm5.15.0 InRelease                                                       

Hit:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease                                              

Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB]

Get:7 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages [542 kB]

Ign:4 https://attic.owncloud.com/org/download/repositories/stable/Ubuntu_16.04  InRelease

Get:8 http://security.ubuntu.com/ubuntu xenial-security/main Translation-en [230 kB]

Hit:9 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04  Release

Err:10 http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04  Release.gpg

 The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

Get:11 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [365 kB]

Get:12 http://security.ubuntu.com/ubuntu xenial-security/universe Translation-en [138 kB]

Fetched 1,490 kB in 3s (377 kB/s)                     

Reading package lists... Done

W: http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5.15.0/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04  Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

W: Failed to fetch http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

W: Some index files failed to download. They have been ignored, or old ones used instead.

 

  • I took the public key  47AE7F72479BC94B  and ran

 

$ sudo apt-key adv  --recv-keys --keyserver keyserver.ubuntu.com 47AE7F72479BC94B

 

The following error was gone

 

W: Failed to fetch http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 47AE7F72479BC94B

 

But still

 

W: http://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

W: https://archive.cloudera.com/cm5/ubuntu/xenial/amd64/cm/dists/xenial-cm5.15.0/InRelease: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

 

Remains same.

I saw one conversation in our community in which they said ubuntu 16.04 has no support forCDH5.

Can I install CDH in xenial version?

 

Thanks and Regards 

Solomonchinni

 

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

Super Guru

@solomonchinni,

 

Ubuntu 16 has been supported for some time and is indeed supported for CDH 5.15.x:

https://www.cloudera.com/documentation/enterprise/release-notes/topics/rn_consolidated_pcm.html#conc...

 

Also, it appears you fixed your own issue and the update was successful. 

The Warning is a warning and Cloudera will be updating signature keys to sha256 as of CM/CDH 6.

 

Based on your output there are no errors on update so we expect the update to have succeeded.  Verify with dpkg.  I believe "apt-get update" is silent so you would not see any non-Warning or above messages.

 

Re: Signature by key F36A89E33CC1BD0F71079007327574EE02A818DD uses weak digest algorithm (SHA1)

  • Thank you, Mr.bgooley for supporting me from past two posts. Your reply gave me joe.
  • The Cloudera-scm-agent was successfully installed and the update went smoothly
  • As you said ubuntu xenial is supporting the CDH5.

Kindly give me solution for another problem what I got in the further step which is the database set up

 

please refer the link which shows my post on the community

 

http://community.cloudera.com/t5/Cloudera-Manager-Installation/Problem-in-database-set-up-in-clouder...

 

Thanks,

solomonchinni