diff --git a/man/importctl.xml b/man/importctl.xml index f67565bc054..c1021e60bab 100644 --- a/man/importctl.xml +++ b/man/importctl.xml @@ -125,8 +125,8 @@ , the sha checksum file is first verified with the detached GPG signature of .sha256 or SHA256SUMS. The public key for this verification step needs to be available in - /usr/lib/systemd/import-pubring.gpg or - /etc/systemd/import-pubring.gpg. + /usr/lib/systemd/import-pubring.pgp or + /etc/systemd/import-pubring.pgp. If is specified the image will be downloaded and stored in a read-only subvolume/directory in the image directory that is named after the specified URL and its diff --git a/man/sysupdate.d.xml b/man/sysupdate.d.xml index 9a32c8c734a..13dcd097754 100644 --- a/man/sysupdate.d.xml +++ b/man/sysupdate.d.xml @@ -481,8 +481,8 @@ downloaded resources (specifically: validate the GPG signatures for downloaded SHA256SUMS manifest files, via their detached signature files SHA256SUMS.gpg in combination with the system keyring - /usr/lib/systemd/import-pubring.gpg or - /etc/systemd/import-pubring.gpg). + /usr/lib/systemd/import-pubring.pgp or + /etc/systemd/import-pubring.pgp). This option is essential to provide integrity guarantees for downloaded resources and thus should be left enabled, outside of test environments. diff --git a/meson.build b/meson.build index 3f5ddccd12e..a468cf1ea1b 100644 --- a/meson.build +++ b/meson.build 
@@ -320,9 +320,10 @@ conf.set_quoted('USER_CONFIG_UNIT_DIR', pkgsysconfdir / 'u conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir) conf.set_quoted('USER_ENV_GENERATOR_DIR', userenvgeneratordir) conf.set_quoted('USER_GENERATOR_DIR', usergeneratordir) -conf.set_quoted('USER_KEYRING_PATH', pkgsysconfdir / 'import-pubring.gpg') +conf.set_quoted('USER_KEYRING_PATH', pkgsysconfdir / 'import-pubring.pgp') +conf.set_quoted('USER_KEYRING_PATH_LEGACY', pkgsysconfdir / 'import-pubring.gpg') conf.set_quoted('USER_PRESET_DIR', userpresetdir) -conf.set_quoted('VENDOR_KEYRING_PATH', libexecdir / 'import-pubring.gpg') +conf.set_quoted('VENDOR_KEYRING_PATH', libexecdir / 'import-pubring.pgp') conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper()) conf.set10('ENABLE_URLIFY', get_option('urlify')) diff --git a/src/import/import-pubring.gpg b/src/import/import-pubring.pgp similarity index 100% rename from src/import/import-pubring.gpg rename to src/import/import-pubring.pgp diff --git a/src/import/meson.build b/src/import/meson.build index a2bb54992b4..e1670da8174 100644 --- a/src/import/meson.build +++ b/src/import/meson.build @@ -109,6 +109,6 @@ install_data('org.freedesktop.import1.service', install_data('org.freedesktop.import1.policy', install_dir : polkitpolicydir) -install_data('import-pubring.gpg', +install_data('import-pubring.pgp', install_dir : libexecdir) # TODO: shouldn't this be in pkgdatadir? diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 67ed640a6f4..40248eee3d8 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -458,6 +458,8 @@ static int verify_gpg( * otherwise. */ if (access(USER_KEYRING_PATH, F_OK) >= 0) cmd[k++] = "--keyring=" USER_KEYRING_PATH; + else if (access(USER_KEYRING_PATH_LEGACY, F_OK) >= 0) + cmd[k++] = "--keyring=" USER_KEYRING_PATH_LEGACY; else cmd[k++] = "--keyring=" VENDOR_KEYRING_PATH;
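Review bot: Only the user keyring gets a legacy define in this hunk; `VENDOR_KEYRING_PATH` is switched to `import-pubring.pgp` with no `.gpg` counterpart. If a downstream or image build places its own keyring at the old vendor path, which the man pages documented until this commit, verification would presumably move to whatever is installed as `import-pubring.pgp` without any indication. That changes the trust anchor for downloaded images. Consider adding `conf.set_quoted('VENDOR_KEYRING_PATH_LEGACY', libexecdir / 'import-pubring.gpg')` with a matching fallback in `verify_gpg()`, or stating in the release notes that the vendor path has no fallback.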
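Review bot: The new `else if` branch in `verify_gpg()` picks the legacy keyring silently, so an administrator whose trust anchor still lives at the old path gets no hint to migrate and nothing records which keyring a verification used. A log line in that branch would help, for example `log_debug("Using legacy keyring %s, consider renaming it to %s.", USER_KEYRING_PATH_LEGACY, USER_KEYRING_PATH);`, with braces added around the branch. Both `access(..., F_OK)` checks also treat every failure as "file absent", so an `EACCES` or `ELOOP` on the user keyring falls through to a different keyring instead of failing; checking for `errno != ENOENT` and aborting would stop the trust anchor from changing unnoticed. The man pages in this commit list only the `.pgp` paths, so the fallback is undocumented. `verify_gpg()` starts and ends outside the hunk.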