[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] EXPKEYSIG when running 'apt update'



Hi Imre,

I also ran into this issue. Following the current instructions [1] and adding a signed-by
in sources.list fixed this for me:

deb     [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main

Looks like the expiration date on the key was changed and the package deb.torproject.org-keyring
only updates that key in /usr/share/keyrings/. I can't but wonder if everyone that doesn't have a
signed-by is affected, which must be quite a few.

Regards,

Peter


[1]: https://support.torproject.org/apt/

On 6/13/22 19:11, Imre Jonk wrote:
> Hi tor-relays,
> 
> I'm getting this error when running 'apt update':
> 
> Err:4 https://deb.torproject.org/torproject.org bullseye InRelease
>   The following signatures were invalid: EXPKEYSIG 74A941BA219EC810
> deb.torproject.org archive signing key
> 
> The signing key in
> /etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg does not appear
> to be expired, so I guess some repository metadata signature has
> expired. Does anyone else encounter this issue?
> 
> Thanks,
> 
> Imre
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays