When I encounter old versions and rpm repository issues I have to think that once again, it's falling out of support.
I could be wrong.
Bob
Hi,
I have 'client' in Centos 5.6 where I want to install rpm packages with:
yum install package
from repository which I created on 'server' ( Centos 6.0 ). I would like packages to be signed, but I get some errors while trying to get things right:
firstly I had:
rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature: BAD, key ID ebb3d90e
even if I have imported my public key to client which was present in rpm keys. It was listed by running:
rpm -q gpg-pubkey
gpg-pubkey-e8562897-459f07a4
gpg-pubkey-217521f6-45e8a532
gpg-pubkey-ebb3d90e-4ee5e6e8
I deleted the signes with:
rpm --delsign <package>
and wanted to check if then package will be installed but I continously got:
[Errno -1] Package does not match intended download
with or without singing the packages:
rpm -K *.rpm
<package1>-1.0-1.i386.rpm: sha1 md5 OK
<package2>-0.1-1.noarch.rpm: sha1 md5 OK
<package3>-0.1-1.i386.rpm: sha1 md5 OK
<package4>-3.6.5-1.i386.rpm: sha1 md5 OK
I found that this error might be solved by:
yum clean all
which cleans yum cache, which might be a problem, but in this case it didn't help.
I created repository with:
createrepo -s sha1 <dir>
because without sha1 I had an problem with adding my repository to yum repo list:
[Errno -3] Error performing checksum
Packages were created on client and were signed on server.
On client my repository configuration file /etc/yum.repos.d/my-repo.repo looks like this:
[myrepo]name=myrepo
baseurl=https://login:pass@address.to.my.repo
enabled=1
gpgcheck=1
gpgkey=https://login:pass@address.to.my.repo/MY-GPG-KEY
protect=1
Any suggestions would be appreciated.
If I must learn something - all links to tutorials/guides/documentations will be also very helpful.
I spend a lot of time trying to solve this issue and many forums and google didn't help me.

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic