Cannot import Zoom's gpg key

Hello all,

trying to install Zoom on a fresh RL9:

  1. downloaded the rpm package from the official zoom page
  2. dnf install complains that the public key for zoom is missing
  3. downloaded the public key from Zoom
  4. rpm --import fails: “key 1 import failed”

Any ideas? For a start, I don’t understand whether it is a RL or zoom issue.

Many thanks!

The zoom gpg key is signed with SHA1. The Redhat/Alma/Rocky 9 default crypto policy does not allow this. You can either set your default crypto policy to “LEGACY” and import the key OR ask zoom to sign their public key with AES or something higher.

1 Like

Many thanks for your quick and exhaustive reply Joe!

I’ll ask zoom to use AES or better.

Seems strange. On Fedora 36 I have the default profile, and yet haven’t any issues installing the rpm that I downloaded from zoom.

Installing isn’t the problem. RoLi was trying to import the gpg key using rpm. Zoom installs without issue.

1 Like

You can also use the DEFAULT and enable SHA1.

sudo update-crypto-policies --set DEFAULT:SHA1

1 Like

I can confirm on Fedora 36:

  • zoom installs OK.
  • can import the gpg key

Sorry, I haven’t been clear. On RL9 zoom refuses to install complaining about the missing key.

On Oracle Linux 9 I cannot import the key, but zoom installs OK. Quite strange since /etc/crypto-policies/state/CURRENT.pol is the same on RL9 and OL9.

@joebeasley3 I wouldn’t like to enable SHA1, as it seems it’s a broken protocol (I am not a crypto expert though! :slight_smile:

Update: zoom is going to change key in the fall - problem should go away (hopefully!)

1 Like