GPG Check Failed for copr Repo dwmw2 openconnect

Hi,

i was trying to update my System as usual, when i suddenly got the message that the gpg check failed for the copr repo dwmw2/openconnect

I tried :

rpm --checksig $(dnf download --url NetworkManager-openconnect-1.2.10.git.30.4172855-0.fc40 -q)

https://download.copr.fedorainfracloud.org/results/dwmw2/openconnect/fedora-40-x86_64/07821797-NetworkManager-openconnect/NetworkManager-openconnect-1.2.10.git.30.4172855-0.fc40.x86_64.rpm:Fehler: Verifying a signature using certificate F8D085834914260DDDB29A2B8353ED5F64502AB5 (dwmw2_openconnect (None) <dwmw2#openconnect@copr.fedorahosted.org>):
  1. Certificiate 8353ED5F64502AB5 invalid: certificate is not alive
      because: The primary key is not live
      because: Expired on 2024-07-14T12:28:08Z
  2. Key 8353ED5F64502AB5 invalid: key is not alive
      because: The primary key is not live
      because: Expired on 2024-07-14T12:28:08Z
Fehler: Verifying a signature using certificate F8D085834914260DDDB29A2B8353ED5F64502AB5 (dwmw2_openconnect (None) <dwmw2#openconnect@copr.fedorahosted.org>):
  1. Certificiate 8353ED5F64502AB5 invalid: certificate is not alive
      because: The primary key is not live
      because: Expired on 2024-07-14T12:28:08Z
  2. Key 8353ED5F64502AB5 invalid: key is not alive
      because: The primary key is not live
      because: Expired on 2024-07-14T12:28:08Z
 Prüfsummen SIGNATUREN NICHT OK

Any suggestions?

Remove the expired key:

rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n" gpg-pubkey
sudo rpm -e gpg-pubkey-XXXXXXXX-XXXXXXXX
2 Likes

Thanks! This is the first time this happen to me and i was just curious because of the latest supply chain attacks.

2 Likes