Google-chrome failed update due to "SIGNATURE: NOT OK"

Upstream ticket against rpm here:

You go to Google website, download .rpm package and install with su/sudo rpm -i google*.rpm that installs a specific repository and choose on the fly stable or other always updated using dnf … simple …

There are workarounds for mutable Fedora installs but that’s not useful for Silverblue users. Google will have use a standard configuration for their packaging while rpm addresses this edge case upstream.

I rolled up to silverblue 39 beta this morning and tried to use the built in chrome third party repo in software. Got the same error. Downloaded .rpm from google, rpm-ostree installed liberation-fonts, then rpm-ostree installed their .rpm and that landed it.
user@fedora ~/Downloads> ls
user@fedora ~/Downloads> sudo rpm-ostree install google-chrome-stable_current_x86_64.rpm…Writing OSTree commit… done
Staging deployment… done
Freed: 67.9 MB (pkgcache branches: 0)

1 Like

So, what exactly is the solution here ?
I’m using Fedora 38 (Workstation) and have been installing Chrome via the .rpm package on Google’s website.
Whenever there is an update on available via the “Software” app, I’m unable to proceed with any system or other updates as long as Chrome is in the way. (Getting the “signature not ok” error message).

Are you downloading the rpm then attempting to install it? Or are you installing from the google chrome repo with normal updates.

I have never had an issue with google chrome, but I have the google-chrome repo enabled which is available thru the ‘hamburger menu’ in the gnome software app. Chrome is automatically updated and properly signed when I update in that manner.

You can check if the google-chrome repo is enabled with dnf repolist

I’m downloading and installing Chrome via the .rpm package on Google Chrome’s website everytime a new version becomes available, as the one initially available on the Software app is out of date I believe.

I do have the google-chrome repo enabled as well via the hamburger menu. “dnf repolist” shows it as well.

Not true.
The currently installed chrome on my system is

$ dnf list installed google-chrome-stable
Installed Packages
google-chrome-stable.x86_64                                      117.0.5938.92-1                                      @google-chrome

Trying to install something newer has the potential of installing an unstable version.

That was initially installed using sudo dnf install google-chrome-stable and then is automatically kept up to date with each system upgrade. Installing with rpm-ostree should do the same.

Fedora Silverblue is a specific immutable containerized environment. Google Chrome on Linux is also a containerized environment for security reasons giving access to Google Workspace Entreprise Premium similar to Microsoft Edge access to Azure Graph, Office 365 online and full load of Azure services. Red Hat/IBM has IBM Cloud that is a nice platform for RHEL who prefers Firefox. Containers in containers from different platforms forcibly bring authentification issues, Red Hat can have an offer comparable to Microsoft Windows Enterprise, Google Chrome Enterprise Upgrade along with JBoss …

Ah yes you’re right. It does have the latest version on the Software app.

I see what happened. The reason I turned to installing Chrome from outside the Software app via downloading a .rpm package was because I get the “Unable to install “Google Chrome” as not supported” error message whenever I do try to install it through the Software app.

I have the Google Chrome repositories enabled in the hamburger menu.

What would be the reason for this error message ?