GPG error in Apache2 repository

Wibol · February 16, 2024, 10:26am

On a Hetzner server with Debian 11 and HestiaCP 1.8.11 ready to upgrade to Debian 12:

# apt update
Hit:1 http://mirror.hetzner.de/debian/packages bookworm InRelease
Hit:2 http://deb.debian.org/debian bookworm InRelease                                                                
Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]                                    
Get:4 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]                                              
Get:5 http://mirror.hetzner.de/debian/packages bookworm-updates InRelease [52.1 kB]                                  
Get:6 http://mirror.hetzner.de/debian/packages bookworm-backports InRelease [56.5 kB]                                
Hit:7 http://mirror.hetzner.de/debian/security bookworm-security InRelease                                           
Hit:8 https://nginx.org/packages/mainline/debian bookworm InRelease                                                  
Hit:9 https://packages.sury.org/apache2 bookworm InRelease                                                           
Hit:10 https://packages.sury.org/php bookworm InRelease             
Hit:11 https://apt.hestiacp.com bookworm InRelease                  
Get:12 https://dlm.mariadb.com/repo/mariadb-server/10.11/repo/debian bookworm InRelease [4,625 B]
Get:13 http://mirror.hetzner.de/debian/packages bookworm-backports/main amd64 Packages [172 kB]
Err:9 https://packages.sury.org/apache2 bookworm InRelease
  The following signatures were invalid: EXPKEYSIG B188E2B695BD4743 DEB.SURY.ORG Automatic Signing Key <[email protected]>
Fetched 386 kB in 2s (256 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
571 packages can be upgraded. Run 'apt list --upgradable' to see them.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.sury.org/apache2 bookworm InRelease: The following signatures were invalid: EXPKEYSIG B188E2B695BD4743 DEB.SURY.ORG Automatic Signing Key <[email protected]>
W: Failed to fetch https://packages.sury.org/apache2/dists/bookworm/InRelease  The following signatures were invalid: EXPKEYSIG B188E2B695BD4743 DEB.SURY.ORG Automatic Signing Key <[email protected]>
W: Some index files failed to download. They have been ignored, or old ones used instead.

I solved it by replacing ‘apache2-keyring.gpg’ with ‘sury-keyring.gpg’ in the ‘/etc/apt/sources.list.d/apache2.list’ file.

Is this the correct solution? My line is now:

deb [arch=amd64 signed-by=/usr/share/keyrings/sury-keyring.gpg] https://packages.sury.org/apache2/ bookworm main

Raphael · February 16, 2024, 10:29am

Wibol · February 16, 2024, 10:33am

I performed this procedure 2 days ago, but it is clear that I did not do it correctly.

Sorry for the inconvenience.

eris · February 16, 2024, 10:49am

Don’t use Apache2 my self have include it in the topic

Wibol · February 16, 2024, 10:59am

Don’t use Apache2 my self have include it in the topic

I’m sorry, but I don’t understand what you mean.

I used ‘sury-keyring.gpg’ instead of ‘deb.sury.org-apache2.gpg’ as I said in my original post. I imagine that’s what you mean and I’ve already corrected it.

Thanks.

system · March 17, 2024, 11:00am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.