“Could Not lock the record” while trying to cancel the running concurrent request

Recently came across a typical scenario where I needed to cancel a long running concurrent request and while doing the same from the front end, I kept getting error “Could not lock the record“.

Later on I thought to mark it as terminated by running below “update” statement from the database.

UPDATE apps.fnd_concurrent_requests
SET phase_code = 'C', status_code = 'X'
WHERE request_id = 126192043
and status_code ='R' 
and  phase_code = 'R';


But again this “update” was taking exceptionally long time. Then I figured out a better and quicker way of doing this.
Step:1 Find out the “FNDLIBR” process associated with the long running concurrent request by running below query

Set Pages 1000
Set head on
Column Manager   Format A12
Column Request   Format 999999999
Column Program   Format A30
Column User_Name Format A15
Column Started   Format A15
Column FNDLIBR  Format A9
prompt Managers that is running a request and FNDLIBR PROCESS;
select substr(Concurrent_Queue_Name, 1, 12) Manager,
       Request_Id Request,
       substr(Concurrent_Program_Name, 1, 35) Program,
       To_Char(Actual_Start_Date, 'DD-MON-YY HH24:MI') Started
  from apps.Fnd_Concurrent_Queues    Fcq,
       apps.Fnd_Concurrent_Requests  Fcr,
       apps.Fnd_Concurrent_Programs  Fcp,
       apps.Fnd_User                 Fu,
       apps.Fnd_Concurrent_Processes Fpro
 where Phase_Code = 'R' And Status_Code <> 'W' And
       Fcr.Controlling_Manager = Concurrent_Process_Id and
       (Fcq.Concurrent_Queue_Id = Fpro.Concurrent_Queue_Id and
       Fcq.Application_Id = Fpro.Queue_Application_Id) and
       (Fcr.Concurrent_Program_Id = Fcp.Concurrent_Program_Id and
       Fcr.Program_Application_Id = Fcp.Application_Id) and
       Fcr.Requested_By = User_Id and
       Fcr.request_id =&request_id

Step:- 2 Now look for the FNDLIBR process ID obtained above on the “Concurrent Manager Node”

ps -ef|grep 9240602|grep -v grep
  applmgr 19859 18919  0 Mar04 ?        00:00:02 FNDLIBR 

Step:- 3 Query the database to get the Session details for the offending process obtained in Step 2

select ses.sid,
              ses.serial# serial#,
         from gv$session ses, gv$process proc
        where ses.paddr = proc.addr and ses.process in ('&process_ID');

Step:- 4 Now clear the database session by running below statement in the database(Using SID and Serial# obtained in Step 3)

SQL> alter system kill session '<SID>,<Serial#>' immediate;

Step:- 5 Finally go ahead and cancel the long running request either from the front end or from database (using update statement as mentioned in the beginning.

Hope this helps. Happy learning and keep reading.

-Anand M

Categories: Oracle Apps

Troubleshooting EBS Workflow Notification mailer Issues

February 26, 2018 Leave a comment

Oracle E-Business Suite’s Workflow Notification Mailer sends an email notification in a multi-step process.

After a workflow notification is sent, it immediately appears in the recipient’s EBS Worklist UI. For each workflow notification,business event oracle.apps.wf.notification.send is raised to send the same notification as email.

For a workflow notification to be e-mailed, following statements should be true
The notification’s STATUS is OPEN or CANCELED
The notification’s MAIL_STATUS is MAIL or INVALID
The recipient role has a valid email address
The recipient role’s notification preference must be MAILTEXT, MAILATTH, MAILHTML or MAILHTM2
The Workflow Deferred Agent Listener is running
The Workflow Notification Mailer is running

Most of the information above can be obtained by running the diagnostic script $FND_TOP/sql/wfmlrdbg.sql. It takes the notification id as input.

After the business event oracle.apps.wf.notification.send is raised, it is processed through two queues before it is actually delivered as email to the recipient’s Inbox.
The Workflow Notification Mailer dequeues the send event messages from this queue and dispatches it through the designated SMTP server.
To determine at a given time where the email notification is being processed, run $FND_TOP/sql/wfmlrdbg.sql for the notification id

Query to find WF Mailer is up and running

SQL>SELECT component_name, component_status
FROM fnd_svc_components
WHERE component_type = 'WF_MAILER';


Query to find the name and location of WF related log files

SQL> select fl.meaning,
              'maile r container',
              'listener container',
  from apps.fnd_concurrent_queues    fcq,
       apps.fnd_concurrent_processes fcp,
       apps.fnd_lookups              fl
 where fcq.concurrent_queue_id = fcp.concurrent_queue_id and
       fcp.process_status_code = 'A' and
       fl.lookup_type = 'CP_PROCESS_STATUS_CODE' and
       fl.lookup_code = fcp.process_status_code and
       concurrent_queue_name in ('WFMLRSVC', 'WFALSNRSVC')
 order by fcp.logfile_name


Workflow Mailer Log file – FNDCPGSC*.txt

Query to check Failed WF Notifications

  from wf_notifications

Query to find the ‘Pending’ WF Notifications waiting to be processed

SQL>SELECT COUNT(*), message_name
  FROM wf_notifications
 WHERE STATUS = 'OPEN' AND mail_status = 'MAIL'
 GROUP BY message_name
  FROM wf_notifications
 WHERE STATUS = 'OPEN' AND mail_status = 'SENT'
 ORDER BY begin_date DESC

Query to check if WF Notifications are sent
select mail_status, status from wf_notifications where notification_id= ‘&Notification_ID’

–If mail_status is MAIL, it means the email delivery is pending for workflow mailer to send the notification
–If mail_status is SENT, its means mailer has sent email
–If mail_status is Null & status is OPEN, its means that no need to send email as notification preference of user is “Don’t send email”

Query to verify whether the message is processed in WF_DEFERRED queue

SQL>select * 
from applsys.aq$wf_deferred a 
where a.user_data.getEventKey()= '&Notification_ID'

–Once message is successfully processed, message will be enqueued to WF_NOTIFICATION_OUT queue and if
–errored out, it will be in WF_ERROR queue

select wf.user_data.event_name Event_Name, wf.user_data.event_key Event_Key,
wf.user_data.error_stack Error_Stack, wf.user_data.error_message Error_Msg
from wf_error wf where wf.user_data.event_key = ‘’

Query to check which WF notification are sent and which are errored out

SQL>Select from_user, to_user, notification_id, status, mail_status, begin_date
 where status = 'OPEN'

Select from_user,
       MESSAGE_NAME begin_date
 where status = 'OPEN'

Query to check different types of WF notification that are stuck

SQL>select message_type, count(1)
  from wf_notifications
 where status = 'OPEN' and mail_status = 'MAIL'
 group by message_type

E.g o/p of query –

——– ———-
POAPPRV 21 — 21 mails of Po Approval not sent —
WFERROR 145 — 145 mails have error
APCCARD 5411 - 5411


–For the uset to receive WF notification mails, email preference MUST be MAILHTML
Query to check User’s mail preference setup

SQL>SELECT email_address,
       nvl(WF_PREF.get_pref(name, 'MAILTYPE'), notification_preference)
  FROM wf_roles
 WHERE name = '&recipient_role' --recipient_role --- is the User name in Oracle


To debug a WF Notification
SQL> $FND_TOP/sql/wfmlrdbg.sql
It will prompt for Notification ID

Query to find WF related parameters from backend

SQL>select fscpv.parameter_value
    from fnd_svc_comp_params_tl fscpt
    ,fnd_svc_comp_param_vals fscpv
    where fscpt.display_name = 'Framework URL timeout' --'Test Address'
    and fscpt.parameter_id = fscpv.parameter_id


Query to check the date/time when the last email was sent by WF Mailer

SQL>select to_char(max(begin_date),'DD-MON-YY HH24:MI:SS')
from apps.wf_notifications  
where mail_status = 'SENT'

Query to find the WF Test notification status

SQL>select *
  from apps.wf_notifications
--where notification_id = '&notification_Id' --- Pass Notification Id if any
--where message_type = 'REQAPPRV' AND -- This is type of message, possible value are POAPPRV, REQAPPRV,WFTESTS
--user_key = '42056' -- This is PO# or PR # (can be obtained from user)  
--ITEM_KEY = '908848-170147' --- this can be derived from PO_REQUISITION_HEADERS_ALL if message_type is REQAPPRV
 where recipient_role = '<Application_User_Name>' --- Useful to provide if the message_type is WFTESTS
 and message_type = 'WFTESTS' and trunc(begin_date) = trunc(sysdate) --- Trying to look troubleshoot WF Notifications for current date only

      SELECT SEGMENT1,wf_item_type,wf_item_key,last_update_date FROM PO_REQUISITION_HEADERS_ALL
WHERE SEGMENT1 = '42052' -- PO or PR #


Query to see workflow configuration

SQL>select p.parameter_id, p.parameter_name, v.parameter_value value
  from apps.fnd_svc_comp_param_vals_v v,
       apps.fnd_svc_comp_params_b     p,
       apps.fnd_svc_components        c
 where c.component_type = 'WF_MAILER' and v.component_id = c.component_id and
       v.parameter_id = p.parameter_id and
       p.parameter_name in
 order by p.parameter_name


Some messages like alerts don’t get a record in wf_notifications table
so you have to watch the WF_NOTIFICATION_OUT queue

SQL>select corr_id, retry_count, msg_state, count(*)
  from applsys.aq$wf_notification_out
 where corr_id = 'APPS:ALR:'
 group by corr_id, msg_state, retry_count
 order by count(*) desc
select q_name,
       to_char(deq_time, 'YYYY-MON-DD HH12:MI:SSSSS AM') dqtime
  from wf_notification_out
 where --msgid = '65BED43EA74678B1E053652850812B40'
 corrid = 'APPS:ALR:'
 ORDER BY dqtime desc
select notification_id,msg_state,msg_id,role,corrid,enq_time,deq_time
from  (select msg_id, o.enq_time, o.deq_time, msg_state
              ,(select str_value
			  from   table (o.user_data.header.properties)
                where  name = 'NOTIFICATION_ID') notification_id
              , (select str_value
                 from   table (o.user_data.header.properties)
                 where  name = 'ROLE') role
              , (select str_value
                 from   table (o.user_data.header.properties)
                 where  name = 'Q_CORRELATION_ID') corrid
       from   applsys.aq$wf_notification_out o)         
where notification_id= '&notification_id'
and rownum=1


Query to run from backend to update WF mailer attributes

SQL>select fscpv.parameter_value
    from fnd_svc_comp_params_tl fscpt
    ,fnd_svc_comp_param_vals fscpv
    where fscpt.display_name = 'Test Address'
    and fscpt.parameter_id = fscpv.parameter_id;

How to set Workflow Mailer Override Address from Backend ? (Doc ID 1533596.1)

Hope this helps. Happy learning.

-Anand M

Categories: Oracle Apps Tags: ,

ORA-955 name is already used by an existing object

February 23, 2018 Leave a comment

Recently while working on some upgrade activity, I faced an interesting scenario. I am supposed to create a sequence in Oracle database (

MINVALUE 1 MAXVALUE 9999999999999999999999999999 INCREMENT BY 1

Error at line 1:
ORA-955: name is already used by an existing object
Elapsed: 00:00:00.73

I queried DBA_OBJECTS but didn’t find the object there. “adop -cleanup” phase was all completed. Database recyclebin if OFF but still went ahead and purged “recyclebin”. Still it did not let me create the sequence.

Later on while examining the “adop -cleanup” script, I came across the package ‘ad_zd_sys.drop_covered_object’. It asks few different parameters like


In order to get all these details, I ran a query

SQL> select * from dba_objects_ae where object_name like '%XX_VTX_INV_TAX_LINES_S%' and object_type <> 'NON-EXISTENT'

and this fetched me a record with all the values needed to execute package – ad_zd_sys.drop_covered_object.
Logged into database as sys and executed the package

SQL> exec sys.ad_zd_sys.drop_covered_object('XX_VTX', 'XX_VTX_INV_TAX_LINES_S', 'SEQUENCE', 'V_20170715_2200');

PL/SQL procedure successfully completed.
Elapsed: 00:00:00.90

After this I again ran the select statement “select * from dba_objects_ae where object_name like ‘%XX_VTX_INV_TAX_LINES_S%’ and object_type ‘NON-EXISTENT'” and it did not return any records.

I went ahead and fired the “Create sequence..” statement and this time sequence got created without any error.

This error wasted a lot of time and effort in actual upgrade task but thankfully made me to learn another new thing.

Hope this help. Happy learning and keep reading.

-Anand M



java.lang.ClassCastException: Cannot cast weblogic.wsee.jaxws.framework.policy.WSDLParserExtension

June 20, 2017 2 comments

I was working on to clone a web application running on Weblogic 12.1.1. Objective was to create a new DEV instance for already a working UAT instance.

I installed the Weblogic 12.1.1 on Oracle Linux 5.11 and installation completed successfully including the domain configuration.

Later on when I started deploying the application (WAR file), I got an error in the Weblogic log despite application deployment showing ‘success’. Below is the error I got in the log.

Caused By: com.sun.xml.ws.server.ServerRtException: exception during WSDL parsing: file:/u01/fmw/oracle/product/12/user_projects/domains/mydomain/servers/ManagedServer_1/tmp/_WL_user/vertex-remote-services/hkmfe6/war/WEB-INF/wsdl/VertexIncSystemUserPreferenceService_6_0.wsdl
        at com.sun.xml.ws.server.EndpointFactory.getWSDLPort(EndpointFactory.java:532)
        at com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:175)
        at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:467)
        at com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parseAdapters(DeploymentDescriptorParser.java:253)
        at com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parse(DeploymentDescriptorParser.java:147)
        Truncated. see log file for complete stacktrace
Caused By: com.sun.xml.ws.util.ServiceConfigurationError: com.sun.xml.ws.api.wsdl.parser.WSDLParserExtension: Provider weblogic.wsee.jaxws.framework.policy.WSDLParserExtension is specified in jar:file:/u01/fmw/oracle/product/12/oracle_common/modules/com.oracle.webservices.wls.wls-ws-metainf-services-impl_12.1.3.jar!/META-INF/services/com.sun.xml.ws.api.wsdl.parser.WSDLParserExtensionbut could not be instantiated: <strong>java.lang.ClassCastException: Cannot cast weblogic.wsee.jaxws.framework.policy.WSDLParserExtension</strong> to com.sun.xml.ws.api.wsdl.parser.WSDLParserExtension
        at com.sun.xml.ws.util.ServiceFinder.fail(ServiceFinder.java:233)
        at com.sun.xml.ws.util.ServiceFinder.access$300(ServiceFinder.java:141)
        at com.sun.xml.ws.util.ServiceFinder$LazyIterator.next(ServiceFinder.java:379)
        at com.sun.xml.ws.util.ServiceFinder.toArray(ServiceFinder.java:225)
        at com.sun.xml.ws.server.EndpointFactory.getWSDLPort(EndpointFactory.java:510)
        Truncated. see log file for complete stacktrace
Caused By: java.lang.ClassCastException: Cannot cast weblogic.wsee.jaxws.framework.policy.WSDLParserExtension to com.sun.xml.ws.api.wsdl.parser.WSDLParserExtension

To troubleshoot, first tried to see what is defined under “container description” inside ‘weblogic.xml’ file of the application. This file is located in WEB-INF directory of the WAR file and it is already set to TRUE


Now after further investigation and going through some other forums, I was clear with the error that it is due to the conflict of application related classes with that of system classes (Weblogic owned libraries of class)
I looked into the list of all Weblogic(system) classes. Location of the file is $MW_HOME/wlserver_12.1/server/lib/weblogic.jar.
Extracted the weblogic.jar into a temp location (jar -xvf weblogic.jar) and once the jar file is extracted, related system class files are located in /META-INF/services and prepared the list of all the class files.

Extracted the application WAR file and traversed to the location of class files (in my case it is – /temp/vertex-remote-services/WEB-INF/lib)
created a small shell script – idea was to look for each class files which are present in weblogic.jar (System class files) see find if it is there in application WAR file as well.

#! /usr/bin/ksh
_jarfile="jarlist.txt" ### Contains the list of system class files obtained above
while read _list;do
for i in *.jar; do jar -tvf "$i" | grep -Hsi ""${_list}"" && echo "$i"; done
done < $_jarfile

Whatever files found in both the places, corresponding class file is removed from weblogic.jar. This will avoid the conflict and hence the error.
Go to weblogic.jar location ($MW_HOME/wlserver_12.1/server/lib/weblogic.jar) and run below command

$ zip -d weblogic.jar META-INF/services/com.sun.xml.ws.api.wsdl.parser.WSDLParserExtension
deleting: META-INF/services/com.sun.xml.ws.api.wsdl.parser.WSDLParserExtension

This way removed all the conflicting class file from the system CLASS libraries. Stopped and started the managed server and deployed the application. This completed successfully and all the “ClassCastException” were gone.

P.s- I was getting similar errors even with WebLogic 12.1.3 and did the same for 12.1.3 as well to get rid of all the errors.

-Happy learning

Categories: WebLogic Tags:

TNSPing & SQLPlus just hang without errors

November 22, 2016 Leave a comment

Usually, when you connect to Oracle, you get errors that give you some feedback on what is happening.

Today, I got an issue where when trying to connect to SQLplus or even running a tnsping command was hanging. Not getting any error to start the troubleshooting. The issue was definitely some sort of connectivity but not able to point it out

In our case, we use “nameserver” in addition to tnsnames.ora. Our sqlnet.ora file looks like this:

I needed to trace my “tnsping” command to see where it is getting hung.

To troubleshoot the issue with tnsping hanging, all you need to do is add these settings in sqlnet.ora to trace tnsping

TNSPING.TRACE_DIRECTORY =/d01/abc/product/8.0.6/network/admin

My being a linux box and hence the path. You may need to modify according to your OS and directory

I ran the “tnsping” to the same Oracle SID again, a trace file “tnsping.trc” got generated in the path defined in the above “TNSPING.TRACE_DIRECTORY” variable.

Careful review of the trace file revealed that he connection was having an issue with the “name server” defined in my sqlnet.ora file.
I asked the Oracle DBA to confirm if the “name server” is started and she confirmed that it is not. Once she started the “name server”, tnsping command went successfully and I was able to connect to SQLplus.

Hope this helps you in some way.

Happy learning!!!

-Anand M

Decrypt weblogic admin password

November 22, 2016 Leave a comment

Pls follow below steps to decrypt Weblogic admin password

Step 1:- Create a file called – decryptPass.py and udpate the file with below cotents

import os
import weblogic.security.internal.SerializedSystemIni
import weblogic.security.internal.encryption.ClearOrEncryptedService

def decrypt(domainHomeName, encryptedPwd):
domainHomeAbsolutePath = os.path.abspath(domainHomeName)
encryptionService = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domainHomeAbsolutePath)
ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptionService)
clear = ces.decrypt(encryptedPwd)
print "RESULT:" + clear

if len(sys.argv) == 3:
decrypt(sys.argv[1], sys.argv[2])
print " Usage: java weblogic.WLST decryptPassword.py DOMAIN_HOME ENCRYPTED_PASSWORD"
print " Example:"
print " java weblogic.WLST decryptPassword.py D:/Oracle/Middleware/user_projects/domains/base_domain {AES}819R5h3JUS9fAcPmF58p9Wb3syTJxFl0t8NInD/ykkE="
print "Unexpected error: ", sys.exc_info()[0]

Step 2:- Set Domain environment variable

cd $FMW_HOME/user_projects/domains/<domain_name>

. setDomainEnv.sh

Once it is properly set, do echo $DOMAIN_HOME and you will find it getting properly displayed

Step 3:- Get encrypted password value from boot.properties file

$ grep password $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^password=\(.*\)/\1/"


Step 4:- Decrypt the encrypted password obtained in Step 3 (Run the command from the location where the decryptPass.py is kept)

java weblogic.WLST decryptPass.py $DOMAIN_HOME {AES}udb6nZLDw24HiRRrZkojuoiLNiu/MfAIZpcU=

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands


Hope this helps. Happy reading!

-Anand M

PGP key generation using gpg 1.4.5 on Linux

November 15, 2016 Leave a comment

Step 1 – Confirm GPG version

$gpg -help
gpg (GnuPG) 1.4.5
Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Step 2 – Start generating gpg key

$ gpg --gen-key
gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 5
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: <User ID for which the key is being generated>
Email address: <Valid mail ID>
You selected this USER-ID:
"<User ID provided earlier> <Mail ID>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

You don't want a passphrase - this is probably a *bad* idea!
I will do it anyway. You can change your passphrase at any time,
using this program with the option "--edit-key".

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 276 more bytes)
gpg: key 193EAC92 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/193EAC92 2016-11-15
Key fingerprint = F7B1 F82D 8DA3 850B 5F8A 5905 B93D 5AF3 193E AC92
uid <User ID provided earlier> <Mail ID>

Note that this key cannot be used for encryption. You may want to use
the command "--edit-key" to generate a subkey for this purpose.

Step 3 – List your keys

$ gpg -k
pub 2048R/193EAC92 2016-11-15
uid <User ID provided earlier> <Mail ID>

Step 4 –  Export the public key in ASCII format

$ gpg --armor --output <User ID>-pub.asc --export '<User ID>'
$ ls -ltr
-rw-rw-r-- 1 xxx xxxyy 979 Nov 15 09:28 -pub.asc

$ cat <User ID>-pub.asc
Version: GnuPG v1.4.5 (GNU/Linux)


How to copy PGP public and private key from one machine (Linux here) to other Linux.

Step# 1: Export private secret key on the source machine

$ gpg --export-secret-keys -a <key_ID> > myfilename_private_key.asc

key_ID – when you list the key using “gpg -k”

pub 4096R/AD761536 2017-03-29
uid <User_Name> <username@domain.com>
sub 4096R/B045ADCF 2017-03-29
AD761536 – this is the key_ID
Step# 2: Export public secret key

$ gpg --export -a <key_ID> > myfilename_public_key.asc

Step # 3: SCP these 2 files to the target server – where you want to copy the PGP keys (in my case it is other Linux server)
Step # 4: Import the private and public key copied in Step# 3 on the target machine.

$ gpg --import myfilename_private_key.asc
gpg: key ADC61536: secret key imported
gpg: key ADC61536: public key "<User_name> <username@domain.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: secret keys read: 1
gpg: secret keys imported: 1

$ gpg --import myfilename_public_key.asc <-- this is for public key
gpg: key ADC61536: "<User_name> <username@domain.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1

Step # 5: Change the trust level
Now you need to change the “trust” level of the private key thus imported to new server

$ gpg --edit-key username@domain.com
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub 4096R/ADC61536 created: 2017-03-29 expires: never usage: SC
 trust: unknown validity: unknown
sub 4096R/B044ADFF created: 2017-03-29 expires: never usage: E
[ unknown] (1). <User_name> <username@domain.com>
gpg> trust
pub 4096R/ADC61536 created: 2017-03-29 expires: never usage: SC
 trust: unknown validity: unknown
sub 4096R/B033456FF created: 2017-03-29 expires: never usage: E
[ unknown] (1). <User_name> <username@domain.com>

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

 1 = I don't know or won't say
 2 = I do NOT trust
 3 = I trust marginally
 4 = I trust fully
 5 = I trust ultimately
 m = back to the main menu

Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y

pub 4096R/ADC61536 created: 2017-03-29 expires: never usage: SC
 trust: ultimate validity: unknown
sub 4096R/B033456FF created: 2017-03-29 expires: never usage: E
[ unknown] (1). <User_name> <username@domain.com>
Please note that the shown key validity is not necessarily correct
unless you restart the program.

gpg> quit

Now if you list the keys using “gpg -k”, you will find the PGP key ID and associated details are exactly the same as that of the source server.

Happy reading.

-Anand M

Categories: Unix/Linux Tags: , , ,