Can't import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux

This should work… right?

[root@foo:production:~]$ head -2 /etc/os-release 
NAME="AlmaLinux"
VERSION="9.0 (Emerald Puma)"
[root@foo:production:~]$ rpmkeys -v --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
error: https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux: key 1 import failed.
[root@foo:production:~]$ wget https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
--2022-06-09 16:49:00--  https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
Resolving repo.almalinux.org (repo.almalinux.org)... 136.243.31.169
Connecting to repo.almalinux.org (repo.almalinux.org)|136.243.31.169|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3494 (3.4K) [application/octet-stream]
Saving to: ‘RPM-GPG-KEY-AlmaLinux’

RPM-GPG-KEY-AlmaLin 100%[===================>]   3.41K  --.-KB/s    in 0s      

2022-06-09 16:49:00 (59.7 MB/s) - ‘RPM-GPG-KEY-AlmaLinux’ saved [3494/3494]

[root@foo:production:~]$ rpmkeys --import RPM-GPG-KEY-AlmaLinux 
error: RPM-GPG-KEY-AlmaLinux: key 1 import failed.
[root@foo:production:~]$ md5sum RPM-GPG-KEY-AlmaLinux 
3b613bb7270bba7451a51222aef9ba7d  RPM-GPG-KEY-AlmaLinux

That key is the version 8 key. Can you import RPM-GPG-KEY-Almalinux-9?

image1330×101 25.7 KB

Importing RPM-GPG-KEY-Almalinux-9 works. I didn’t realise RPM-GPG-KEY-Almalinux was the key for 8. Thanks.

Found another post with a better explanation. The RPM-GPG-KEY-Almalinux is signed with SHA-1. The DEFAULT crypto policy in Alma 9 does not allow this.