Hey Everyone,
This morning I got a bunch of errors from our IaC system that dnf installs did not work anymore. I’ve tried looking into it but I keep getting GPG signature verification errors from the Rocky9 repository.
I’ve tried re-importing the GPG key as downloaded from the repository directly and I’ve downloaded repomd.xml and repomd.xml.asc to check verification. But when I do this I get this
"[root@server1]#gpg --verify repomd.xml.asc repomd.xml
gpg: Signature made Mon 27 Jan 2025 02:57:53 PM UTC
gpg: using RSA key 21CB256AE16FC54C6E652949702D426D350D275D
gpg: issuer “releng@rockylinux.org”
gpg: BAD signature from “Rocky Enterprise Software Foundation - Release key 2022 releng@rockylinux.org” [unknown]"
It looks like the repomd.xml was updated on the 28th of January so is there a chance there is a fault in the repo? Are any of you experiencing issues?
I’ve tried a repo that has older versions of repomd.xml and repomd.xml.asc and then the verification is successful.
Looking forward to your responses. Hope you guys can help me.