Official COPR Fedora/RPM repository GPG-key expired

Software
2

I am guessing you just upgraded to Fedora 38 and didn’t do a clean install? Fedora 38 has some stricter policies regarding the GPG keys for repositories and packages, so expect some more of these errors with 3rd-party repos.

Looking at the KiCad repo specifically, the key served by the COPR right now is valid (I downloaded the pubkey from COPR just now):

$ gpg -vv pubkey.gpg 
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: armor: BEGIN PGP PUBLIC KEY BLOCK
# off=0 ctb=99 tag=6 hlen=3 plen=269
:public key packet:
	version 4, algo 1, created 1491861440, expires 0
	pkey[0]: [2048 bits]
	pkey[1]: [17 bits]
	keyid: 13A8A6344C710964
# off=272 ctb=b4 tag=13 hlen=2 plen=56
:user ID packet: "@kicad_kicad (None) <@kicad#kicad@copr.fedorahosted.org>"
# off=330 ctb=89 tag=2 hlen=3 plen=340
:signature packet: algo 1, keyid 13A8A6344C710964
	version 4, created 1618024969, md5len 0, sigclass 0x13
	digest algo 8, begin of digest 6c 2f
	hashed subpkt 27 len 1 (key flags: 2F)
	hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
	hashed subpkt 21 len 5 (pref-hash-algos: 8 9 10 11 2)
	hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
	hashed subpkt 30 len 1 (features: 01)
	hashed subpkt 23 len 1 (keyserver preferences: 80)
	hashed subpkt 33 len 21 (issuer fpr v4 DD4B35E70DC95FDE699B4F0C13A8A6344C710964)
	hashed subpkt 2 len 4 (sig created 2021-04-10)
	hashed subpkt 9 len 4 (key expires after 9y0d5h25m)
	subpkt 16 len 8 (issuer key ID 13A8A6344C710964)
	data: [2046 bits]
pub   rsa2048 2017-04-10 [SCEA] [expires: 2026-04-09]
      DD4B35E70DC95FDE699B4F0C13A8A6344C710964
uid           @kicad_kicad (None) <@kicad#kicad@copr.fedorahosted.org>
sig        13A8A6344C710964 2021-04-10   [selfsig]

I think you might have an older key installed on your system from when you added the COPR originally, and it has been updated/renewed already on the server but your system hasn’t gotten the updated key

Try running these commands to get the current key from the server:

  1. Find the actual COPR key using: rpm -q --qf "%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n" gpg-pubkey | grep kicad
  2. Remove your current GPG key for the COPR using sudo rpm -e gpg-pubkey-XXXXXXXX-XXXXXXXX (replacing the gpg-pubkey-* with the numbers from step 1.
  3. Add the new COPR key: sudo rpm --import https://download.copr.fedorainfracloud.org/results/@kicad/kicad/pubkey.gpg
1 Like