Is installation of OpenHAB 3 supported on Centos 9 Streams?

  • Platform information:
    • Hardware: x86, 4GB RAM 40GB storage
    • OS: CentOS Stream 9
    • Java Runtime Environment: java 11
    • openHAB version: Attempting install of 3.2 using “dnf install openhab”
      Issue of the topic:

Hi,
I preface this with the fact I’m not a Linux expert, but have “entry level” experience with CentOS.

I’m looking to understand if OpenHAB 3 is supported on CentOS 9 Streams.

The documentation seems to suggest it is, however when attempting to install OpenHAB 3 using the jfrog repository (JFrog) I’m getting an error.

The following is the output following the installation of the GPG key which is done by dnf.

Key imported successfully
Import of key(s) didn’t help, wrong key(s)?
Problem opening package openhab-3.2.0-1.noarch.rpm. Failing package is: openhab-3.2.0-1.noarch
GPG Keys are configured as: https://openhab.jfrog.io/artifactory/api/gpg/key/public
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing ‘dnf clean packages’.
Error: GPG check FAILED

I have also attempted to attach a screenshot of the full command and output. The key seems to have been imported successfully. While I’m not familiar with this error it seems there could be a problem with the key.

Any help or guidance is greatly appreciated.

Thank you.

I’d highly recommend using docker. Makes it so simple to install / upgrade / downgrade.

All I can say is it’s supposed to work. MAybe the GPG key expired or something like that. If the problem persists open an issue on the openhab-distro repo. How to file an Issue

In the mean time, I’d recommend following the manual installation instructions, or if you want to learn something else new Docker.

apt-key list

shows ( only the relevant key ) :

pub   rsa4096 2015-07-25 [SC] [expires: 2023-07-24]
      EDB7 D030 4E2F CAF6 29DF  1163 0757 21F6 A224 060A
uid           [ unknown] openHAB Bintray Repositories <owner@openhab.org>
sub   rsa4096 2015-07-25 [E] [expires: 2023-07-25]

Looks fine … at least not expired.

Do we know if the rpm is signed with that same key?

1 Like

Hi,

I went back and tried the installation on a different distro (something other than CentOS Streams) and this issue did not occur. It seems this may be something specific to CentOS Streams.

I was able to successfully install OpenHAB 3 on both Rocky and ALMA without issue.

My guess is there is something up with CentOS Streams.

I attached a screenshot of the successful outcome.

I’m going to take the advice of those who suggest looking at Docker and give that a try.

I greatly appreciate everyone’s time and advice.

Thank you all.

I believe this is due to the fact the CentOS Stream 9 disables SHA-1 signature verification on GPG keys by default. The key imports fine in CS9, but the verification fails as SHA-1 is considered insecure. See this bug for details. It’s only a matter of time before this gets to more distros, so I would suggest the package maintainer update the signing method to use a more secure signature hash.

You can install OH3 on CentOS 9 by disabling the GPG key check in the yum.repos.d config file:

/etc/yum.repos.d/OpenHAB-Stable.repo

[openHAB-Stable]
name=openHAB Stable
baseurl=https://openhab.jfrog.io/artifactory/openhab-linuxpkg-rpm/stable
gpgcheck=0
gpgkey=“https://openhab.jfrog.io/artifactory/api/gpg/key/public
enabled=1

Or you can optionally reset the system to LEGACY crypto policies with:

update-crypto-policies --set LEGACY

2 Likes
1 Like