zabbix-official-repo.key contains mixed SHA-1 and SHA-512 GPG keys, causing import failures on RHEL 9+ systems due to crypto policy restrictions that reject SHA-1.

XMLWordPrintable

    • Type: Incident report
    • Resolution: Unresolved
    • Priority: Trivial
    • None
    • Affects Version/s: 7.4.6
    • Component/s: Agent2 (G)
    • None

      Steps to reproduce:

      2. On AlmaLinux 9 or RHEL 9+
        rpm --import http://repo.zabbix.com/zabbix-official-repo.key
      3. Error: warning: Signature not supported. Hash algorithm SHA1 not available.

      Result:
              warning: Signature not supported. Hash algorithm SHA1 not available.

      Expected Behavior:
      Provide a separate key file with only SHA-512 keys (e.g., zabbix-official-repo-sha512.key) or remove SHA-1 keys from the existing file.

      Workaround Currently Required:
      Must use disable_gpg_check: yes when installing repository packages on RHEL 9+ systems.

      Related Issues:

            Assignee:
            Zabbix Support Team
            Reporter:
            gowthamakanthan
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: