VaryingVagrantVagrants – Nginx GPG key expired/invalid

Case: Error when provisioning VaryingVagrantVagrants vvv that the nginx.com repository is not signed and the nginx signing key – invalid.

Sample of the error:

W: GPG error: https://nginx.org/packages/mainline/ubuntu focal InRelease: The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <signing-key@nginx.com> 
E: The repository 'https://nginx.org/packages/mainline/ubuntu focal InRelease' is not signed.

Solution (Debian/Ubuntu)

  1. sudo su -
  2. Download the new GPG key and overwrite the old one:
    curl -O https://nginx.org/keys/nginx_signing.key && apt-key add ./nginx_signing.key
  3. Verify using: apt-key list(the nginx signing key should have a far-future expiration date)

See link #2 in Sources for updating the key on Amazon Linux, CentOS, Oracle Linux, RHEL, and SLES.

Sources

  1. Fix Nginx expired key (EXPKEYSIG ABF5BD827BD9BF62) – #17 by Paneljocky – Web – Hestia Control Panel – Discourse
  2. Updating the GPG Key for NGINX Products

Did this solve your issue?