CarbonBlackLinuxInstaller-v7.4.0.24479 fails to install in RHEL 10.0 due to Header RSA signature: BAD
search cancel

CarbonBlackLinuxInstaller-v7.4.0.24479 fails to install in RHEL 10.0 due to Header RSA signature: BAD

book

Article ID: 427248

calendar_today

Updated On:

Products

Carbon Black EDR

Issue/Introduction

RPM installation fails with “Header RSA signature: BAD (invalid OpenPGP signature / Malformed MPI)”.
As a result, cbdaemon.service is not created and the sensor is not installed.

[[email protected] Downloads]# ./CarbonBlackClientSetup-linux-v7.4.0.24479.sh
## Will use eBPF-based sensor
## Building directory structure
## install.sh: Using [/bin/yum] / [/bin/rpm], [rpm] packages
## Secure installation temp dir:  SUCCESS
## Extracting package
cbsensor-7.4.0.24479.x86_64.rpm
cbsensor-7.4.0.24479.amd64.deb
manifest.sha256
manifest.sha256.asc
## Checking for duplicate sensors
## ############################################################################
## ############################################################################
## Mon Jan 26 04:04:28 PM CET 2026
## Installing cbsensor from /var/opt/carbonblack/response/pkgs
## upgrade package cbsensor is not installed ->
error: /var/opt/carbonblack/response/pkgs/cbsensor-7.4.0.24479.x86_64.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:
  Failed to parse Signature Packet
      because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.
      because: Malformed MPI: leading bit is not set: expected bit 8 to be set in  1100111 (67))
error: /var/opt/carbonblack/response/pkgs/cbsensor-7.4.0.24479.x86_64.rpm cannot be installed
## Adding daemon...
## Failed to enable unit: Unit cbdaemon.service does not exist
## sh: /etc/sysconfig/modules/cbresponse.modules: No such file or directory
##
## CB EDR Sensor is now installed
## Cleanup setup packages
## Starting daemon...
## Failed to restart cbdaemon.service: Unit cbdaemon.service not found.

Environment

  • RHEL 10.0+
  • Kernel: 6.12.0+
  • Carbon Black EDR Server 7.9.0, 7.9.1
  • Carbon Black EDR Sensor for Linux 7.4.0.24479

 

Cause

invalid OpenPGP signature shipped with Carbon Black EDR Sensor for Linux 7.4.0 in 7.9.0 and 7.9.1

Resolution

This issue will be fixed in Carbon Black EDR Server 7.9.2. and Sensor 7.5.0-linux.

Since the 7.4.0 sensor installer was delivered with 7.9.0 and 7.9.1, customers who already installed/upgraded to this versions, and have experienced the issue described above, will need to replace the installer with the installer provided in the support portal.
Follow below steps in order to delete the existing 7.4.0 installer and replace it with the support portal package that is signed correctly:

  1. Remove the existing 7.4.0.24479 shipped with 7.9.0 and 7.9.1 following this KB article How to Remove a Sensor Version from the Console
  2. Follow the instructions under section To install the new sensor to install the Linux installer version 7.4.0.24479 in the CB EDR Server. 
  3. Proceed with the installation of Linux sensor in RHEL10.x following this guide How to Install the Linux sensor
Powered by Wolken Software