Ready to set up and use Zoom, but aren't sure where to start? Begin with our onboarding support experience for everything you need to get started.

Get Started
cancel
Showing results for 
Search instead for 
Did you mean: 

Fedora Client rpm package is unsigned

jknaus
Observer

I use the Fedora rpm package of the meetings desktop client
However, I only want to install software that is correctly cryptographically signed.
That was not a problem so far. However, the recent version 5.8.4 (210) is not signed at all (see rpm -qpi output below), and the gpg signature validation fails.

 

 

$ rpm -qpi zoom_x86_64.rpm 
Name        : zoom
Version     : 5.8.4.210
Release     : 1
Architecture: x86_64
Install Date: (not installed)
Group       : default
Size        : 226471546
License     : see https://www.zoom.us/
Signature   : (none)
Source RPM  : zoom-5.8.4.210-1.src.rpm
Build Date  : Fri 12 Nov 2021 07:27:39 AM CET
Build Host  : localhost
Relocations : / 
Packager    : Zoom Linux Team <linux-dev@zoom.us>
Vendor      : Zoom Video Communications, Inc.
URL         : https://www.zoom.us
Summary     : Zoom Cloud Meetings

 

 

 

2 REPLIES 2

RN
Zoom Moderator

Hey @jknaus, here is some insight I got on a similar case to yours; however, I'd advise to first update to the latest version 5.8.6 to see if this helps! If not, here is a suggestion that may help! 

 

On Download Center https://zoom.us/download if you select Linux Type: Fedora, under the Download button there is the following text: "Zoom's rpm packages are signed with a GPG key. Please run "rpm --import package-signing-key.pub" to import the key in case package management utility asks for a missing public key."

 

You can try running the command and see if the new version of the package is signed again. 

 

$ rpm -qpi ~/Downloads/zoom_x86_64.rpm | egrep '^Source|Signature'  
Signature   : RSA/SHA1, Mon 29 Nov 2021 07:38:12 AM CET, Key ID b903bf1861a7c71d
Source RPM  : zoom-5.8.6.739-1.src.rpm
$

 

 

Let me know if this helps! 

_______________________________________________________

Leverage cool features and how to's from the Community Center. If my reply helped, don't forget to click the accept as solution button! ⤵️

Cris70
Observer

Hi @RN , I have the same problem with the OpenSuse package.

When I installed version 5.10.4 (after importing the signing key) I got this:

zoom_openSUSE_x86_64.rpm: 
   Package header is not signed!

zoom-5.10.4.2845_openSUSE-1.x86_64 (Plain RPM files cache): Signature verification failed [6-File is unsigned]

I then ran the command you suggested, to verify the presence of a signature, and here's the result:

~ >  rpm -qpi ~/Downloads/zoom_openSUSE_x86_64.rpm | egrep '^Source|Signature' 
Signature   : (none)
Source RPM  : zoom-5.10.4.2845_openSUSE-1.src.rpm

Please could you correct the package to include the signature?

Thank you in advance.

Cris