Cannot mirror custom repository with RMT

I am trying to mirror two repositories from OpenHPC.They are:

• http://repos.openhpc.community/OpenHPC/3/Leap_15/
• http://repos.openhpc.community/OpenHPC/3/updates/Leap_15/

There is an rpm file that adds them directly to a client (not using RMT) and that works correctly and both repositories are added and enabled. However, with RMT I can only mirror the first one. The updates repository is added correctly but when I try to mirror it I get the following:

desdemona:/var/lib/rmt/.gnupg # rmt-cli mirror repository openhpc-updates 
I, [2026-04-24T14:50:47.429204 #24599]  INFO -- : Mirroring repository OpenHPC Updates to /usr/share/rmt/public/repo/OpenHPC/3/updates/Leap_15/
I, [2026-04-24T14:50:47.715967 #24599]  INFO -- : ↓ repomd.xml
I, [2026-04-24T14:50:48.002201 #24599]  INFO -- : ↓ repomd.xml.key
I, [2026-04-24T14:50:48.003645 #24599]  INFO -- : ↓ repomd.xml.asc
W, [2026-04-24T14:50:48.031919 #24599]  WARN -- : GPG command: gpg --homedir /tmp/rmt-mirror-gpg20260424-24599-10ybaiv --no-default-keyring --keyring /tmp/rmt-mirror-gpg20260424-24599-10ybaiv/keyring --verify /usr/share/rmt/public/repo/OpenHPC/3/updates/Leap_15/.tmp_metadata/repodata/repomd.xml.asc /usr/share/rmt/public/repo/OpenHPC/3/updates/Leap_15/.tmp_metadata/repodata/repomd.xml 2>&1
W, [2026-04-24T14:50:48.032013 #24599]  WARN -- : GPG output: gpg: Signature made Thu 30 Oct 2025 14:01:51 GMT
gpg:                using RSA key 5392744D3C543ED5784765E68A306019DA565C6C
gpg: Can't check signature: No public key

W, [2026-04-24T14:50:48.033814 #24599]  WARN -- : The following errors occurred while mirroring:
W, [2026-04-24T14:50:48.033855 #24599]  WARN -- : Repository 'OpenHPC Updates' (openhpc-updates): Error while mirroring repository: Error while mirroring metadata: GPG signature verification failed.
W, [2026-04-24T14:50:48.033891 #24599]  WARN -- : Mirroring completed with errors.
The command exited with errors.

Both repositories are on the same server and seem to have the same repodata. Can anyone advise?

Thanks

gpg: using RSA key 5392744D3C543ED5784765E68A306019DA565C6C
gpg: Can’t check signature: No public key

I don’t think the issue is from rmt side. You can reproduce the issue by doing similar gpg command. I think the 2nd repo is not signed correctly.

The fingerprint for https://repos.openhpc.community/OpenHPC/3/updates/Leap_15/repodata/repomd.xml.key is

pub   rsa2048 2023-04-19 [SC] [expires: 2045-03-14]
      6E19BE11D9A082C00A7DB41A7AC05F0940A90CC8
uid                      OpenHPC3 OBS Project <OpenHPC3@private>

Not like the working one: https://repos.openhpc.community/OpenHPC/3/Leap_15/repodata/repomd.xml.key

pub   rsa2048 2019-12-16 [SCEA]
      5392744D3C543ED5784765E68A306019DA565C6C
uid                      private OBS (key without passphrase) <defaultkey@localobs>
sub   elg2048 2019-12-16 [E]

You need to reach out to them so they include the correct key in the URL.

I have reached out to them and am awaiting a reply. If I have no success with them, is there a way to disable the requirement for signing that repository?

I don’t think this is possible. Let us know the result.

I will.

Out of curiosity, are different criteria required when a repository is added directly to a SLES client rather than mirroring via rmt? The reason that I ask is that BOTH repositories can be added to a SLES machine via YaST.

YaST and zypper will ask you for confirmation, wheil RMT does it all automatically. If verification fail, it stop.