You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be great if the Phusion signing key was signed with SHA256 instead of SHA1 so we don't have to disable gpgcheck for this repository. The packages should also be signed rather than just the metadata, ideally for all of CentOS 7, 8, and 9.
Thanks!
The text was updated successfully, but these errors were encountered:
Hi there,
We have the following issue on RHEL 9:
https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9
It would be great if the Phusion signing key was signed with SHA256 instead of SHA1 so we don't have to disable gpgcheck for this repository. The packages should also be signed rather than just the metadata, ideally for all of CentOS 7, 8, and 9.
Thanks!
The text was updated successfully, but these errors were encountered: