davmail icon indicating copy to clipboard operation
davmail copied to clipboard

Published 20 hours ago verified publisher icon mguessan

Certificate expired on Fedora COPR depo

Open ileGITimo opened this issue 1 year ago • 2 comments

Certificate on https://download.copr.fedorainfracloud.org/results/mguessan/davmail/fedora-39-x86_64/ for package
davmail-6.2.0-30.1.noarch.rpm expired on 2023-10-03T21:14:20Z and dnf refuses to update davmail, even with gpgcheck=0 and repo_gpgcheck=0.

ileGITimo avatar Dec 06 '23 16:12 ileGITimo

Working now on a fresh Fedora installation, could be a local cache issue ?

image

mguessan avatar Dec 12 '23 15:12 mguessan

It's a bit more complicated than that, as certificates are stored in rpmdb. Not sure how it happens but searching for "the gpg keys listed for the ... repository are already installed but they are not correct for this package", which is one of the messages that dnf prints when it fails to update davmail, gives out several pages with a few clues.

First run "rpm -qa gpg-pubkey*" and verify that davmail is indeed there. Then look again at the dnf output and one can see "key ID b4af1e07: NOTTRUSTED". Now running "rpm -qi gpg-pubkey-b4af1e07" will show the old davmail key, and then "rpm -e gpg-key-b4af1e07" gets rid of it.

After that the latest davmail installs properly. New certificate is good till 2027. Plenty of time for forget these instructions.

ileGITimo avatar Dec 12 '23 18:12 ileGITimo