During the update of apt-cache or packages installation with the apt package manager, I get the signature expiration message (EXPKEYSIG 8C718D3B5072E1F5). This means that the gpg signature key is expired.
Error
Here is logs on my Debian 9 system:
sudo apt update Hit:1 http://security.debian.org stretch/updates InRelease Get:2 http://repo.mysql.com/apt/debian stretch InRelease [19.2 kB] Hit:3 https://deb.nodesource.com/node_10.x stretch InRelease Err:2 http://repo.mysql.com/apt/debian stretch InRelease The following signatures were invalid: EXPKEYSIG 8C718D3B5072E1F5 MySQL Release Engineering Hit:4 https://packages.sury.org/php stretch InRelease Ign:5 http://mirrors.digitalocean.com/debian stretch InRelease Get:6 http://mirrors.digitalocean.com/debian stretch-updates InRelease [91.0 kB] Hit:7 http://mirrors.digitalocean.com/debian stretch Release Reading package lists... Done ... ...
Use the following command to list all keys configured for apt on your system.
sudo apt-key list
You will see the expired key like this.
Solution:
Now, update the expired key by running the below command. Here 8C718D3B5072E1F5 is the key was expired on my system.
sudo apt-key adv --keyserver keys.gnupg.net --recv-keys 8C718D3B5072E1F5
You must change 8C718D3B5072E1F5 with the expired key on your system.
Thanks!
useful from Taiwan.
Thank you! Greetings from Brazil.
Its not work on keys for Debian 6. All keyserver provides expired keys.
It worked!! Thank you so much!!
Worked like a charm, thanks!
This worked for me. Thanks
Thanks a lot! This really help me!
If you got this error:
gpg: failed to start the dirmngr ‘/usr/bin/dirmngr’: No such file or directory
Simply install dirmngr:
https://blog.sleeplessbeastie.eu/2017/11/02/how-to-fix-missing-dirmngr/
And execute the command again.
Thanks for this awesome hack.
Genio!!!
Hola, al seguir tus instrucciones me daba lo siguiente:
sudo apt-key adv –keyserver keys.gnupg.net –recv-keys 8C718D3B5072E1F5
Executing: /tmp/apt-key-gpghome.EjjsPBXR9j/gpg.1.sh –keyserver keys.gnupg.net –recv-keys 8C718D3B5072E1F5
gpg: keyserver receive failed: Connection refused
Lo solucioné de la siguiente manera:
sudo apt-key adv –keyserver hkp://keyserver.ubuntu.com:80 –recv-keys 5072E1F5
Hi Rahul,
Your solution works like a charm : ). Thanks for taking the time to publish it out there.
Fue de gran ayuda. Muchas gracias !!!