On GPG check FAILED recommend using --enableplugin=expired-pgp-keys #2156

Closed
@FrostyX

Description

@FrostyX

When DNF fails because of expired GPG keys like this:

error: Verifying a signature using certificate 519B71E71D5251A03A517DF8454724A7D1C452B2 (praiskup_myvpn (None) <praiskup#[email protected]>):
  1. Certificiate 454724A7D1C452B2 invalid: certificate is not alive
      because: The primary key is not live
      because: Expired on 2022-09-02T17:42:01Z
  2. Key 454724A7D1C452B2 invalid: key is not alive
      because: The primary key is not live
      because: Expired on 2022-09-02T17:42:01Z
error: Verifying a signature using certificate 519B71E71D5251A03A517DF8454724A7D1C452B2 (praiskup_myvpn (None) <praiskup#[email protected]>):
  1. Certificiate 454724A7D1C452B2 invalid: certificate is not alive
      because: The primary key is not live
      because: Expired on 2022-09-02T17:42:01Z
  2. Key 454724A7D1C452B2 invalid: key is not alive
      because: The primary key is not live
      because: Expired on 2022-09-02T17:42:01Z

Can we please improve the message to recommend using --enableplugin=expired-pgp-keys or enabling the plugin in /etc/dnf/plugins/expired-pgp-keys.conf? Otherwise, users have no way of discovering that the plugin exists.

By the way, a user enabled the plugin on my recommendation today, and it fixed his issues perfectly.

For the record, here is a step-by-step reproducer:
rpm-software-management/dnf5#1192 (comment)
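
One way a wrapper around the package manager could detect this failure and surface the requested hint, as an added example (not DNF's own code and not written by the issue author). It parses the error text quoted above, collapses the repeated report into one entry per certificate, and returns the recommendation; the function names, the hint wording, and the placeholder key owner in the sample are assumptions.

```python
import re
from datetime import datetime, timezone

# Constructed sample modelled on the output quoted in the issue (the tool prints
# the report twice); the key owner is a placeholder, not the one from the issue.
SAMPLE = """\
error: Verifying a signature using certificate 519B71E71D5251A03A517DF8454724A7D1C452B2 (example_repo (None) <owner@example.invalid>):
  1. Certificiate 454724A7D1C452B2 invalid: certificate is not alive
      because: The primary key is not live
      because: Expired on 2022-09-02T17:42:01Z
error: Verifying a signature using certificate 519B71E71D5251A03A517DF8454724A7D1C452B2 (example_repo (None) <owner@example.invalid>):
  2. Key 454724A7D1C452B2 invalid: key is not alive
      because: The primary key is not live
      because: Expired on 2022-09-02T17:42:01Z
"""

CERT_RE = re.compile(
    r"^error: Verifying a signature using certificate ([0-9A-F]{40}) \((.*)\):$")
EXPIRED_RE = re.compile(r"^\s+because: Expired on (\S+)$")


def expired_certs(output):
    """Return {fingerprint: (owner, expiry)} for each certificate reported as expired."""
    found, current = {}, None
    for line in output.splitlines():
        m = CERT_RE.match(line)
        if m:
            current = m.groups()  # remember which certificate the reasons belong to
            continue
        m = EXPIRED_RE.match(line)
        if m and current:
            expiry = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
            found[current[0]] = (current[1], expiry.replace(tzinfo=timezone.utc))
    return found


def hint(output):
    """Build the message to show the user, or None if no key expiry was reported."""
    certs = expired_certs(output)
    if not certs:
        return None  # other verification failures must not get this hint
    lines = [f"GPG check FAILED: {len(certs)} expired signing key(s)"]
    for fpr, (owner, expiry) in sorted(certs.items()):
        lines.append(f"  {fpr} ({owner}) expired on {expiry:%Y-%m-%d}")
    lines.append("Hint: retry with --enableplugin=expired-pgp-keys, or enable the "
                 "plugin in /etc/dnf/plugins/expired-pgp-keys.conf")
    return "\n".join(lines)


if __name__ == "__main__":
    print(hint(SAMPLE))
```

The hint is returned only when an `Expired on` reason is present, so a missing or invalid signature is still reported as a plain failure.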
