Docs Menu
Docs Home
/
MongoDB Compass
/ /

Verify RPM Packages (RHEL)

On this page

  • Before you Begin
  • Steps

The MongoDB release team digitally signs MongoDB Compass packages to certify that packages are a valid and unaltered MongoDB release. Before you install MongoDB Compass, you can use the digital signature to validate the package.

This page describes how to verify .rpm packages on RHEL operating systems.

If you don't have MongoDB Compass installed, download the MongoDB Compass binary from the Download Center.

1
curl https://pgp.mongodb.com/compass.asc | gpg --import
rpm --import https://pgp.mongodb.com/compass.asc

If the key imports successfully, the command returns:

gpg: key CEED0419D361CB16: public key "MongoDB Compass Signing Key <compass@mongodb.com>" imported
gpg: Total number processed: 1
gpg: imported: 1

If you have previously imported the key, the command returns:

gpg: key A8130EC3F9F5F923: "MongoDB Compass Signing Key <compass@mongodb.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
2
rpm --checksig <path_to_compass_rpm_file>

If the file is signed, the command returns:

<path_to_compass_rpm_file> digests signatures OK

Back

Use GPG