SUSE gpg keys

I have sync suse repository and now I get error when I try to list repository on suse client:
Warning: File ‘repomd.xml’ from repository ‘Foreman-SLE-Module-Basesystem15-Pool’ is unsigned.

Note: Signing data enables the recipient to verify that no modifications occurred after the data
were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system
and in extreme cases even to a system compromise.

Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the
whole repo.

Warning: We can't verify that no one meddled with this file, so it might not be trustworthy
anymore! You should not continue unless you know it's safe.

  File 'repomd.xml' from repository 'Foreman-SLE-Module-Basesystem15-Pool' is unsigned,   continue? [yes/no] (no):
 sles15:~ # 

I know that I can disable gpgcheck, but I would like to configure repo wit gpg.
Do I have to create my own gpg key or I can get it from somewhere?


Katello is recreating metadata because it could change the content via filter, so it can not sign the metadata with the gpg key from the original repository. Packages are still signed with it, so switching of GPG checking for metadata but not packages would be the way to go (repo_gpgcheck=0 in zypp.conf should do this).

Thanks Dirk