I still want to install SHA-1 signed packages!

Something I ran into recently was the issue of signed keys and packages that needed to be installed on a server. In this case it was ‘rspamd’ that needed an update and was complaining about SHA-1 not being available. You can work around this error.

This is discouraged. Even a signature on a years-old RPM could have been forged recently by an attacker. If you really know what you are doing, you can use the dnf --nogpgcheck option.

Alternatively you can also switch to the legacy crypto policy:

update-crypto-policies --set LEGACY

Or explicitly allow SHA-1:

update-crypto-policies --set DEFAULT:SHA1

But please don’t forget to switch back, e.g.:

update-crypto-policies --set DEFAULT
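
The temporary switch above can be wrapped so that the previous policy is always restored, even when the install fails. This is an added example, not part of the original post; with_sha1_policy and the UCP override variable are hypothetical names, and it assumes the script runs as root and that update-crypto-policies --show reports the active policy.

```shell
#!/bin/sh
# Added example: run one command with SHA-1 allowed, then restore the old policy.
# UCP is a hypothetical override so the wrapper can be exercised with a stub.
UCP="${UCP:-update-crypto-policies}"

with_sha1_policy() {
    if [ "$#" -eq 0 ]; then
        echo "usage: with_sha1_policy <command> [args...]" >&2
        return 2
    fi

    # Record the active policy so we restore exactly that, not a guessed DEFAULT.
    _prev=$("$UCP" --show) || return 1
    if [ -z "$_prev" ]; then
        echo "could not determine the current crypto policy" >&2
        return 1
    fi

    # Put the policy back if we are interrupted mid-install.
    # (This replaces any INT/TERM traps the calling script had set.)
    trap '"$UCP" --set "$_prev"; exit 1' INT TERM

    "$UCP" --set DEFAULT:SHA1 || { trap - INT TERM; return 1; }

    # Run the command without letting a failure skip the restore step.
    _rc=0
    "$@" || _rc=$?

    if ! "$UCP" --set "$_prev"; then
        echo "WARNING: could not restore '$_prev'; SHA-1 is still allowed" >&2
        trap - INT TERM
        return 3
    fi
    trap - INT TERM
    return "$_rc"
}

# Typical use, as root (package name taken from the post):
#   with_sha1_policy dnf upgrade rspamd
```

The wrapper returns the wrapped command's exit status, so a failed install is still visible to the caller after the policy has been put back.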