The rpms in the official conda repository are SHA-1 signed, but this signing algorithm has been deprecated in RHEL9. This means that one needs to disable gpg-checking or use a legacy crypto policy in order to install the software, which is a security concern.
Is there a possibility to update/resign the packages using sha256 or sha512?