Rpm's gpg signature is from an expired certficiate

Setup, Configuration and Use Installation
1

I wasn’t sure where to post this, and I’m reasonably sure this isn’t user error - my Fedora (38) system reports the following with regard to the RPMs obtained from this link: openHAB on Linux | openHAB

error: Verifying a signature using certificate EDB7D0304E2FCAF629DF1163075721F6A224060A (openHAB Bintray Repositories <owner@openhab.org>):
  1. Certificiate 075721F6A224060A invalid: certificate is not alive
      because: The primary key is not live
      because: Expired on 2019-07-25T21:00:22Z
  2. Key 075721F6A224060A invalid: key is not alive
      because: The primary key is not live
      because: Expired on 2019-07-25T21:00:22Z

I’m not sure this is the proper place to report this, but the owner@openhab.org email access doesn’t exist.

2

That’s a really old certificate. What version of OH are you attempting to install?

You say the RPMs obtained from that link. Do you mean you downloaded the RPMs or that you’ve configured the openHAB repo and are using yum install openhab after?

Which repo: stable, testing, or snapshot?

3

I wasn’t able to replicate an issue, is this the first time installing on that machine?

[root@CENTOS-S9 ~]# sudo dnf install openhab
 [...]
 Importing GPG key 0xA224060A:
 Userid     : "openHAB Bintray Repositories <owner@openhab.org>"
 Fingerprint: EDB7 D030 4E2F CAF6 29DF 1163 0757 21F6 A224 060A
 From       : https://openhab.jfrog.io/artifactory/api/gpg/key/public
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.

[root@CENTOS-S9 ~]# rpm -Kv openhab-3.4.4-2.noarch.rpm
openhab-3.4.4-2.noarch.rpm:
    Header V4 RSA/SHA256 Signature, key ID a224060a: OK
    Header SHA256 digest: OK
    Header SHA1 digest: OK
    Payload SHA256 ALT digest: OK
    Payload SHA256 digest: OK
    V4 RSA/SHA256 Signature, key ID a224060a: OK
    MD5 digest: OK

[root@CENTOS-S9 ~]# rpm -Kv openhab-4.0.0~S3470-1.noarch.rpm
openhab-4.0.0~S3470-1.noarch.rpm:
    Header V4 RSA/SHA256 Signature, key ID a224060a: OK
    Header SHA256 digest: OK
    Header SHA1 digest: OK
    Payload SHA256 ALT digest: OK
    Payload SHA256 digest: OK
    V4 RSA/SHA256 Signature, key ID a224060a: OK
    MD5 digest: OK
4

Sorry for the noise - I had upgraded to Fedora 38 a few days back (and I’ve upgraded this system over and over for many years). My RPM database had a very old openhab gpg key stored in there. Once I removed it, this error stopped appearing.

2 Likes
5

No problem! Glad you have it working now.