To create trust between JFrog Distribution, the source Artifactory, and the Edge nodes, you need to run the Upload and Propagate GPG Signing Keys for Distribution REST API to upload and deploy the GPG keys. As part of the automated deployment process, the Signing Keys REST API will:
Deploy the generated GPG Key pair (public and private) for JFrog Distribution. The pair of keys are stored internally in JFrog Distribution.
Deploy the generated GPG public key on the source Artifactory and Edge node. The public key will be stored under Administration | Services | Artifactory | Security | Keys Management | Public Keys on the source Artifactory and Edge node.
If "
propagate_to_edge_nodes" is set to true, the public key will be automatically propagated to the Edge Node just once.
If you want to manually trigger the deployment of the key to the edges, you can use the following Propagate GPG Signing Keys to an Edge Node REST API command.