Max Pyziur wrote:
Greetings,
When updating via dnf update I get the following error messages: The GPG keys listed for the "Signal Messaging Devel Project (Fedora_40)" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository.. Failing package is: nodejs-electron-30.3.0-2.13.x86_64 GPG Keys are configured as: https://download.opensuse.org/repositories/network:/im:/signal/Fedora_40/rep... Public key for signal-desktop-7.19.0-1.1.x86_64.rpm is not trusted. Failing package is: signal-desktop-7.19.0-1.1.x86_64 GPG Keys are configured as: https://download.opensuse.org/repositories/network:/im:/signal/Fedora_40/rep... Public key for signal-libringrtc-2.45.0-1.1.x86_64.rpm is not trusted. Failing package is: signal-libringrtc-2.45.0-1.1.x86_64 GPG Keys are configured as: https://download.opensuse.org/repositories/network:/im:/signal/Fedora_40/rep...
Any guidance here would be appreciated.
Those keys may be using an algorithm or have various properties which the newer rpm signature verification library doesn't like.
I don't know what the policies are for rpm with the sequoia library backend, so this could be way off.
Another possibility is that the keys have been updated since you initially installed them and you need to remove the current key to allow dnf to import the updated key.