Failed to update due to signature errors


i have the same problem
i youse

sudo yum update


i have fedora 38

I moved this to a new topic so it would get more attention. The topic it was posted in originally was over a year old and was about Fedora 33.

Note that F38 is currently rawhide, so be ready to see/debug issues. :slight_smile:

That said, this is because rpm in rawhide recently switched to use sequoia for it’s gpg needs. sequoia is a rust written library. It (unlike the old internal rpm gpg handling code) honors the system wide crypto policy. In Fedora 38+ that policy disallows the use of SHA-1 signatures.

Most likely you have installed google chrome or some other package that is signed with SHA-1 signatures. google supposedly knows about this and is working on fixing it.

In the mean time you can run ‘sudo update-crypto-policies --set DEFAULT:SHA1’ to override the policy and allow them. That should allow you to upgrade/remove the offending packages. Don’t forget to set it back to DEFAULT when done. :slight_smile:


ok THK