Monday, July 25, 2016

apt - official nginx trusty ppa gives KEYEXPIRED gpg error



I'm getting the following error every time I do apt-get upgrade:



GPG error: http://nginx.org trusty Release: The following signatures were invalid: KEYEXPIRED 1471427554




I just have the official nginx ppa installed the standard way, by having added the following to my sources.list



deb http://nginx.org/packages/ubuntu/ trusty nginx
deb-src http://nginx.org/packages/ubuntu/ trusty nginx


Is this an error from their end that they will eventually fix hopefully, or is there something I'm going to have to do from my end?



After adding a third party repository to a /etc/apt/sources.list.d/* file or /etc/apt/sources.list, you need to make sure the corresponding gpg key is inserted into the apt keystore.




To be more specific for this special case of nginx.org repository: you need to add the nginx.org gpg key file used for the signing of the repository.



This can be done by either downloading the file https://nginx.org/keys/nginx_signing.key manually and issue sudo apt-key add nginx_signing.key (as suggested by nginx.org and @ThomasWard) or you can do this in one single line:



wget https://nginx.org/keys/nginx_signing.key -O - | sudo apt-key add -

No comments:

Post a Comment

11.10 - Can't boot from USB after installing Ubuntu

I bought a Samsung series 5 notebook and a very strange thing happened: I installed Ubuntu 11.10 from a usb pen drive but when I restarted (...