Replies: 1 comment
Just in case: this week CentOS 9 Stream upgraded gnupg, so that SHA-1 was just rejected. This change was rolled back (for now), but I'd say that updating GPG is quite an important thing to do.
Documentation https://www.rabbitmq.com/install-rpm.html#package-cloud states we should use legacy mode (ignore the fact SHA1 is considered weak).
Will these be upgraded so that rpm --import doesn't fail unless you set policy to LEGACY? Modern distros won't be using LEGACY mode.
Quoting the documentation:
primary RabbitMQ signing key
rpm --import https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc
modern Erlang repository
rpm --import https://packagecloud.io/rabbitmq/erlang/gpgkey
RabbitMQ server repository
rpm --import https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey
Note that if any of the above import commands finishes with an error due to the SHA1 hash algorithm, you must execute the following first:
sudo update-crypto-policies --set LEGACY
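To see whether a key would trip the SHA1 check before changing the system-wide policy, the following added example (not part of the original post or the RabbitMQ documentation) tallies the digest algorithm of each signature packet in `gpg --list-packets` output. The function names and the sample packet dump are constructed for illustration, and the parsing assumes the GnuPG 2.x text format.

```shell
#!/bin/sh
# Added example: count signature packets by digest algorithm in
# `gpg --list-packets` output read from stdin.
# OpenPGP hash IDs (RFC 4880): 1=MD5, 2=SHA-1, 8=SHA-256, 10=SHA-512.

sig_digest_summary() {
    awk '
        /^:signature packet:/ { in_sig = 1; next }   # start of a signature
        /^:/                  { in_sig = 0 }         # any other packet type
        in_sig && /digest algo [0-9]+/ {
            match($0, /digest algo [0-9]+/)
            id = substr($0, RSTART + 12, RLENGTH - 12)  # numeric hash ID
            count[id]++
            in_sig = 0
        }
        END {
            weak = count["1"] + count["2"]           # MD5 + SHA-1
            total = 0
            for (k in count) total += count[k]
            printf "total=%d weak=%d\n", total, weak
        }'
}

# Returns 0 only when no signature on the key uses MD5 or SHA-1.
key_has_no_weak_sigs() {
    sig_digest_summary | grep -q ' weak=0$'
}

# Constructed sample: one SHA-1 self-signature, one SHA-256 subkey binding.
SAMPLE=':public key packet:
    version 4, algo 1, created 1472560510, expires 0
:user ID packet: "Example Signing Key <key@example.invalid>"
:signature packet: algo 1, keyid 0000000000000001
    version 4, created 1472560510, md5len 0, sigclass 0x13
    digest algo 2, begin of digest 5e 2b
:public sub key packet:
    version 4, algo 1, created 1472560510, expires 0
:signature packet: algo 1, keyid 0000000000000001
    version 4, created 1472560510, md5len 0, sigclass 0x18
    digest algo 8, begin of digest a1 0c'

printf '%s\n' "$SAMPLE" | sig_digest_summary

# Against a downloaded key file (path is a placeholder):
#   gpg --list-packets < downloaded-key.asc | sig_digest_summary
```

A non-zero `weak` count identifies the signatures that would need to be reissued with a stronger digest for the key to import without switching to LEGACY.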