Tests fail with default crypto-policies on RHEL10 #1018
Description
I'm trying to build a package in a RHEL10-based system, by taking the src.rpm from Fedora 40 and updating it to version 7.5.4. I got it to pass the build stage, but when the tests start running, there are a lot of failures caused by using the deprecated SHA1 algorithm. If I switch the OS into legacy mode by running update-crypto-policies --set LEGACY, all the tests pass, and the package is built successfully.
I tried to look into the actual signing procedure to see if I might be able to generate another signing key that is consistent with the modern requirements, but quickly got lost in all the intricacies of XML signing, which I have absolutely no clue about. A few attempt to create a new key and fix the appropriate fields in the XML file failed miserably, the file refused to sign.
It would be nice to have this project compatible with the modern environment requirements. As time goes by, more and more systems will be adopting the new restrictions.