Private GPG key to sign RPMs. If the key is empty we assume the key has been already imported on the build node.