Online update fails with message Signature verification for Repository foo failed

shmuelmetz · March 25, 2018, 8:39pm

first got the message for repository dvd; when I disabled it I got it for packman. Have their been CA changes, and, if so, how do I pick up the new certificate authorities?

nrickert · March 25, 2018, 10:17pm

Use “zypper dup”. Don’t use “online update”.

An online update mainly applies patches. There are no patches for Tumbleweed, as far as I know.

Check this mailing list thread for a discussion of the change in repo format for Tumbleweed.

shmuelmetz · March 27, 2018, 7:56pm

I just tried zypper dup and got a message that PackageKit is blocking zypper. I don’t see anything obviously relevant on the KDE task bar.

doscott · March 27, 2018, 9:07pm

I have checked a few times today and the openSUSE:Tumbleweed repo is having an issue. Past experience indicates that this will eventually sort itself out.

nrickert · March 27, 2018, 10:16pm

KDE comes with an update applet. It periodically checks for updates, using the packagekit service. That’s what is blocking “zypper”. After a while, it should finish, and then you can do a “zypper dup”.

Personally, I disable that update applet. Right click on the tray and select “System Tray Settings”. In those settings, uncheck the box for “Software Updates”. And then you won’t be bothered again by that “package kit is blocking zypper” message.

The think about the update applet, is that it does about the equivalent of “zypper up”. That’s great with Leap, but isn’t sufficient for Tumbleweed, where you really need to use “zypper dup”.

shmuelmetz · April 3, 2018, 8:02pm

The update applet has started failing; that’s why I was using zypper. I’ll try disabling the periodic check. Thanks.

aleksejsmir · May 24, 2019, 1:05pm

A similar problem, but with Leap:

Signature verification for reository Opensuse Leap 15.0 failed,

Tell me please, should I worry?

nrickert · May 24, 2019, 5:34pm

That is usually a temporary problem with a mirror. Wait a few hours and try again.

aleksejsmir · May 25, 2019, 2:58am

No, it does not help.

I think I solved this problem.
(Leap 15.0)
Step by step:

# zypper clean -a
# zypper ref


=> New repository or package signing key received:
=> Repository:   Packman
=> Key name:     PackMan Project (signing key) <packman@links2linux.de>
=> etc....


=> Do you want to reject this key, trust temporarily, or trust always?: a

simorgh · October 17, 2021, 4:58pm

Thank you for this. The following worked for me on openSUSE Leap 15.3 for another repository:

 zypper clean -a

Regards.