Opened 4 months ago

Closed 4 months ago

Last modified 3 months ago

#304 closed defect (fixed)

GPG key expired

Reported by: Adam Thorn Owned by: Antoine Martin
Priority: major Milestone:
Component: Website, Email, etc Keywords:

Description (last modified by Antoine Martin)

The gpg key at used e.g. by the Debian / Ubuntu repos has expired:

$ curl -s  | gpg -

pub  1024D/F18AD6BB 2007-04-18 Antoine Martin <>
uid                            [jpeg image of size 4992]
sub  2048g/6E23E963 2007-04-18 [expires: 2018-05-04]

leading to errors when one runs apt-get update:

Err:17 xenial Release.gpg
  The following signatures were invalid: KEYEXPIRED 1525416977  KEYEXPIRED 1525416977  KEYEXPIRED 1525416977

Change History (3)

comment:1 Changed 4 months ago by Antoine Martin

Description: modified (diff)
Owner: set to Antoine Martin
Status: newaccepted

comment:2 Changed 4 months ago by Antoine Martin

Resolution: fixed
Status: acceptedclosed

Run this command as root:

apt-key adv --keyserver --recv-keys F18AD6BB

This should also work:

apt-get install dirmngr
apt-key adv --fetch-keys

For RPM based distributions (CentOS, Fedora), try:

rpm --import
Last edited 3 months ago by Antoine Martin (previous) (diff)

comment:3 Changed 3 months ago by philip

Here on Ubuntu 16.04, the first suggestion (with "--recv-keys") worked fine.

The second one (with "--fetch-keys") did not. In the latter, the https prefix apparently caused this problem:

Executing: /tmp/tmp.fCSGKtyk8Q/ --fetch-keys
gpgkeys: protocol `https' not supported
gpg: no handler for keyserver scheme `https'
gpg: WARNING: unable to fetch URI keyserver error

Using http instead caused the command to run to completion but for some reason the keys were still not correct. After all this I tried the command shown first, and succeeded with it.

Note: See TracTickets for help on using tickets.