Error When Updating CentOS 7 – GPG keys are not correct for this package

When trying to update a CentOS 7 system after an extended amount of time, I ran into this error:

Downloading packages:
warning: /var/cache/yum/x86_64/7/ius/packages/yum-plugin-replace-0.2.7-1.ius.el7.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 4b274df2: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY

The GPG keys listed for the “IUS Community Packages for Enterprise Linux 7 – x86_64” repository are already installed but they are not correct for this package.
Check that the correct key URLs are configured for this repository.

Failing package is: yum-plugin-replace-0.2.7-1.ius.el7.noarch
GPG Keys are configured as: file:///etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY

In this example I was trying to install the package yum-plugin-replace, but a similar error can occur with other packages you may have installed as well.  The solution was to reinstall the IUS repository (https://ius.io/setup)

sudo yum install \
https://repo.ius.io/ius-release-el7.rpm \
https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Once complete retry the update

sudo yum update

At which point you may run into the below message.  The fingerprint should match https://ius.io/keys, then type Y to finish.

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-IUS-7
Importing GPG key 0x4B274DF2:
Userid : “IUS (7) <[email protected]>”
Fingerprint: c958 7a09 a11f d706 4f0c a0f4 e558 0725 4b27 4df2
Package : ius-release-2-1.el7.ius.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-IUS-7
Is this ok [y/N]:

 

This entry was posted in Uncategorized. Bookmark the permalink.