Ensure gpgcheck Enabled In Main Yum Configuration The 'gpgcheck' option controls whether RPM packages' signatures are always checked prior to installation. To configure yum to check package signatures before installing them, ensure the following line appears in '/etc/yum.conf' in the '[main]' section: 'gpgcheck=1'

Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. Certificates used to verify the software must be from an approved Certificate Authority (CA). Fix: No Remediation Info