Signature verification failed for Microsoft Teams repository

For a few days I have been getting a “signature verification failed” error for the Microsoft Teams repository. I checked the URL: https://packages.microsoft.com/yumrepos/ms-teams/ and everything seemed fine. But the error is annoying. Is there a way to trust the signature again? I tried

zypper clean -a 

and then

zypper refresh 

but that did not help.

Remove the signature and add it again. https://learn.microsoft.com/de-de/windows-server/administration/linux-package-repository-for-microsoft-software

How do you remove the signature? That link goes to a German-language page with a general description of how to install Microsoft’s key and repository, but it doesn’t say anything about how to actually remove the signature.

I tried to identify where the signature file is by checking the specific rpm that I have installed from that repository, but I could not figure it out. Here is what I did:

> rpm -qa | grep teams
teams-1.5.00.10453-1.x86_64
teams-insiders-1.5.00.23861-1.x86_64

> rpm -K --nosignature teams-1.5.00.10453-1.x86_64
error: teams-1.5.00.10453-1.x86_64: open failed: No such file or directory


I could not find where to delete the key for the repository and install it again. So I tried to uninstall the repository and install it again, and I still get the same “signature verification failed” error as the OP.

yast-software -> configuration -> repositories -> gpg keys

And I posted the German link as the TO is from Germany (even if we are here in the German forum).

Sorry, I meant even if we are in the English forum.

To show the key with which the package “teams” is signed:

rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE} %{SIGPGP:pgpsig} %{SIGGPG:pgpsig}\n' teams

To show the keys available on your system:

rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'

To remove a specific key (as root):

rpm -e gpg-pubkey-abcdefgh-52ae6884

Thank you, those are the instructions I needed.

Unfortunately, after deleting Microsoft’s rpm key and then re-installing it, the “signature verification failed” error is still there. I guess we will have to wait to see what the bug is from Microsoft, and since they are not open-source, who knows how long it will take.

Yes, didn’t mean to complain. Thank you for the help.

How exactly is it going to fix a bad signature?

bor@bor-Latitude-E5450:~/tmp$ curl -LO https://packages.microsoft.com/yumrepos/ms-teams/repodata/repomd.xml
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3085  100  3085    0     0   7894      0 --:--:-- --:--:-- --:--:--  7910
bor@bor-Latitude-E5450:~/tmp$ curl -LO https://packages.microsoft.com/yumrepos/ms-teams/repodata/repomd.xml.asc
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   492  100   492    0     0   1418      0 --:--:-- --:--:-- --:--:--  1421
bor@bor-Latitude-E5450:~/tmp$ mkdir gpg
bor@bor-Latitude-E5450:~/tmp$ LC_ALL=C gpg --homedir $PWD/gpg --keyserver hkps://keyserver.ubuntu.com/  --receive-keys EB3E94ADBE1229CF
gpg: WARNING: unsafe permissions on homedir '/home/bor/tmp/gpg'
gpg: keybox '/home/bor/tmp/gpg/pubring.kbx' created
gpg: /home/bor/tmp/gpg/trustdb.gpg: trustdb created
gpg: key EB3E94ADBE1229CF: public key "Microsoft (Release signing) <gpgsecurity@microsoft.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
bor@bor-Latitude-E5450:~/tmp$ LC_ALL=C gpg --homedir $PWD/gpg repomd.xml.asc 
gpg: WARNING: unsafe permissions on homedir '/home/bor/tmp/gpg'
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: assuming signed data in 'repomd.xml'
gpg: Signature made Mon Sep 19 14:43:14 2022 MSK
gpg:                using RSA key EB3E94ADBE1229CF
gpg: **BAD signature from "Microsoft (Release signing) <gpgsecurity@microsoft.com>"** [unknown]
bor@bor-Latitude-E5450:~/tmp$ 

Someone needs to report it to Microsoft.

We had this topic already several times here in the forum with the Google Chrome repo where it helped to remove the gpg-pubkey and re-add it. This can help when the key was exchanged upstream but your local copy is still an old one.
It is possible that this is not the case here.
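The two situations discussed above (a stale local key, where removing and re-adding the gpg-pubkey helps, versus a signature that does not match the metadata, where it cannot) can be told apart from gpg's machine-readable status lines. The following is an added example, not part of the original thread; the function names and the `check_repomd` helper are hypothetical, and the sample status lines are constructed.

```shell
#!/bin/sh
# Added example: classify `gpg --status-fd 1 --verify` status lines so a stale
# local key can be told apart from a broken upstream signature.

# Reads status lines on stdin and prints one verdict word.
classify_gpg_status() {
    verdict=unknown
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "[GNUPG:] BADSIG "*)    verdict=bad-signature; break ;;
            "[GNUPG:] NO_PUBKEY "*) verdict=missing-key ;;
            "[GNUPG:] EXPKEYSIG "*) verdict=expired-key ;;
            "[GNUPG:] REVKEYSIG "*) verdict=revoked-key ;;
            "[GNUPG:] GOODSIG "*)   verdict=good ;;
        esac
    done
    printf '%s\n' "$verdict"
}

# Maps a verdict to the action that fits it.
advise() {
    case "$1" in
        good)          echo "metadata verifies; nothing to fix locally" ;;
        missing-key)   echo "signing key not in keyring; import the repository key" ;;
        expired-key)   echo "key is expired in the local keyring; remove it and re-add the current key" ;;
        revoked-key)   echo "signed with a revoked key; upstream has to re-sign" ;;
        bad-signature) echo "repomd.xml does not match repomd.xml.asc; re-adding the key cannot help, report upstream" ;;
        *)             echo "no signature status found; read the gpg output by hand" ;;
    esac
}

# Hypothetical helper: check_repomd KEYFILE repomd.xml.asc repomd.xml
# Verifies in a throwaway keyring so the system keyrings stay untouched.
check_repomd() {
    home=$(mktemp -d) || return 2
    gpg --homedir "$home" --batch --quiet --import "$1" 2>/dev/null
    v=$(gpg --homedir "$home" --batch --status-fd 1 --verify "$2" "$3" 2>/dev/null |
        classify_gpg_status)
    rm -rf "$home"
    printf '%s: %s\n' "$v" "$(advise "$v")"
    [ "$v" = good ]
}

# Constructed sample status output (key ID as quoted in the thread).
SAMPLE_BAD='[GNUPG:] NEWSIG
[GNUPG:] BADSIG EB3E94ADBE1229CF Microsoft (Release signing) <gpgsecurity@microsoft.com>'
SAMPLE_NOKEY='[GNUPG:] NEWSIG
[GNUPG:] NO_PUBKEY EB3E94ADBE1229CF'
```

`check_repomd` expects the repository's public key in a local file plus the downloaded `repomd.xml.asc` and `repomd.xml`, and returns non-zero for anything other than a good signature.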

https://lists.opensuse.org/archives/list/users@lists.opensuse.org/thread/LIDCTUSKTBLQ7FCP5PXZFVZ2HS73RVEA/#LIDCTUSKTBLQ7FCP5PXZFVZ2HS73RVEA

https://www.omglinux.com/the-official-microsoft-teams-app-for-linux-is-being-retired/

https://github.com/IsmaelMartinez/teams-for-linux

https://news.itsfoss.com/microsoft-linux-app-retire/