This page documents the process for setting up a code signing key. This key is necessary to release a version of Mynewt through the ASF.
Step 1: Download gpg2
[ccollins@ccollins-mac:~/repos/larva]$ brew install gpg2
Step 2: Generate a new key
Follow the steps on this page: http://www.apache.org/dev/openpgp.html#generate-key
Note: Specify your apache.org email address in your user ID.
Step 3: Upload your key to a public server
The Apache OpenPGP page linked above lists some public servers. I used hkp://pgp.mit.edu. Do this by editing your
~/.gnupg/gpg.conf file and adding the following line:
keyserver hkp://pgp.mit.edu
Determine your key ID with:
gpg2 --list-sigs
Then publish your key to the server with the following command:
gpg2 --send-key <key-ID>
Example:
[ccollins@ccollins-mac:~/repos/larva]$ gpg2 --list-sigs /Users/ccollins/.gnupg/pubring.gpg ---------------------------------- pub 4096R/61047701 2016-02-23 uid [ultimate] Christopher Collins (CODE SIGNING KEY) <ccollins@apache.org> sig 3 61047701 2016-02-23 Christopher Collins (CODE SIGNING KEY) <ccollins@apache.org> sub 4096R/3C6FB130 2016-02-23 sig 61047701 2016-02-23 Christopher Collins (CODE SIGNING KEY) <ccollins@apache.org> [ccollins@ccollins-mac:~/repos/larva]$ gpg2 --send-key 61047701 gpg: sending key 61047701 to hkp server pgp.mit.edu
Step 4: Export your ASCII armored public key
[ccollins@ccollins-mac:~/repos/larva]$ ( gpg2 --list-sigs ccollins@apache.org && gpg2 --armor --export ccollins@apache.org ) > mykey.asc
Now you can concatenate your key (mykey.asc in this example) to the Mynewt KEYS file. This process is described in the Release Process page.