https://bugzilla.redhat.com/show_bug.cgi?id=2030595
--- Comment #27 from Paolo Bonzini pbonzini@redhat.com ---
Re the signed binaries: can you please describe how this is supposed to work in general? Is the stuff being signed built as part of the rpm build?
The signing tool is included, but no signing is done as part of the rpm build.
One way to arrange this could be for the spec file to have two modes, one that uses the prebuilt files and one that builds the enclaves without signature.