openresty-packaging icon indicating copy to clipboard operation
openresty-packaging copied to clipboard
verified publisher icon openresty

GPG key problem with CentOS repos

Open adamsilkcm opened this issue 3 years ago • 3 comments

gpg check for CentOS 7 repo fails:

https://openresty.org/package/centos/7/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for openresty
Trying other mirror.


 One of the configured repositories failed (Official OpenResty Open Source Repository for CentOS),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=openresty ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable openresty
        or
            subscription-manager repos --disable=openresty

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=openresty.skip_if_unavailable=true

failure: repodata/repomd.xml from openresty: [Errno 256] No more mirrors to try.
https://openresty.org/package/centos/7/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for openresty

Others are running into the isuse as well; see https://forum.openresty.us/d/6847-openresty-gpg-key-stopped-verifying-the-openresty-repository

This is probably related to the changes made on Nov 4.

From https://openresty.org/package/centos/7/x86_64/repodata/

Index of /package/centos/7/x86_64/repodata/
[../](https://openresty.org/package/centos/7/x86_64/)
[0a30b5c81f4b71a7f7ddf66778506c3e9c8a5cba14969fb..>](https://openresty.org/package/centos/7/x86_64/repodata/0a30b5c81f4b71a7f7ddf66778506c3e9c8a5cba14969fbfee9f8f9da9df8207-other.xml.gz) 04-Nov-2022 22:30               14806
[2ede3ad09a5ceaf85eb6b6ae548ddf2a0f058e803a6d651..>](https://openresty.org/package/centos/7/x86_64/repodata/2ede3ad09a5ceaf85eb6b6ae548ddf2a0f058e803a6d6510c9bbe08227343fb5-filelists.xml.gz) 04-Nov-2022 22:30               42384
[35b8c3c1f206eca4c4cf659a184c20de19ddcb4c8d66af4..>](https://openresty.org/package/centos/7/x86_64/repodata/35b8c3c1f206eca4c4cf659a184c20de19ddcb4c8d66af46cac90e803335a6e3-primary.xml.gz) 04-Nov-2022 22:30               28522
[d2dde2025daa540a63ff209f4ec559b8839f5c5fa5cd4f4..>](https://openresty.org/package/centos/7/x86_64/repodata/d2dde2025daa540a63ff209f4ec559b8839f5c5fa5cd4f42f64db5089ba307b8-filelists.sqlite.bz2) 04-Nov-2022 22:30               84561
[dee3d7f5f1164c68b2dd2d4685f082e6013d2b7fd65be34..>](https://openresty.org/package/centos/7/x86_64/repodata/dee3d7f5f1164c68b2dd2d4685f082e6013d2b7fd65be347f4e6aa25c1742500-primary.sqlite.bz2) 04-Nov-2022 22:30               57380
[eec00fc288fd09a14a012da367420e0579115fceec4f970..>](https://openresty.org/package/centos/7/x86_64/repodata/eec00fc288fd09a14a012da367420e0579115fceec4f970351d13416bf89d07f-other.sqlite.bz2) 04-Nov-2022 22:30               34291
[repomd.xml](https://openresty.org/package/centos/7/x86_64/repodata/repomd.xml)                                         04-Nov-2022 22:30                2987
[repomd.xml.asc](https://openresty.org/package/centos/7/x86_64/repodata/repomd.xml.asc)                                     17-May-2022 19:46                 490

Similar dates are on the CentOS 8 repo so it probably has the same problem. Maybe the signing key needs to be updated or the repomd.xml was signed with an incorrect key.

adamsilkcm avatar Nov 15 '22 17:11 adamsilkcm

Same here on AWS Linux 2

openresty/signature | 490 B 00:00:00 Retrieving key from https://openresty.org/package/pubkey.gpg openresty/signature | 2.9 kB 00:00:00 !!! https://openresty.org/package/rhel/7/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for openresty Trying other mirror.

alexg-eslevier avatar Nov 15 '22 20:11 alexg-eslevier

Any updates on this issue? it's affecting us on AWS Codebuild ubuntu/4.0

tahaiqbalkhan9 avatar Mar 20 '24 05:03 tahaiqbalkhan9

Any updates on this issue? it's affecting us on AWS Codebuild ubuntu/4.0 What is AWS Codebuild ubuntu/4.0? How can I verify that?

zhuizhuhaomeng avatar Mar 20 '24 13:03 zhuizhuhaomeng