VaryingVagrantVagrants – Nginx GPG key expired/invalid

Case: Error when provisioning VaryingVagrantVagrants vvv that the repository is not signed and the nginx signing key – invalid.

Sample of the error:

W: GPG error: focal InRelease: The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <> 
E: The repository ' focal InRelease' is not signed.

Solution (Debian/Ubuntu)

  1. sudo su -
  2. Download the new GPG key and overwrite the old one:
    curl -O && apt-key add ./nginx_signing.key
  3. Verify using: apt-key list(the nginx signing key should have a far-future expiration date)

See link #2 in Sources for updating the key on Amazon Linux, CentOS, Oracle Linux, RHEL, and SLES.


  1. Fix Nginx expired key (EXPKEYSIG ABF5BD827BD9BF62) – #17 by Paneljocky – Web – Hestia Control Panel – Discourse
  2. Updating the GPG Key for NGINX Products

Did this solve your issue?