APT Repo Public Key Expiration & Update

Setup, Configuration and Use Installation
18

+1
same error

19

Can one see, if the key is updated ?

20

Same Error.

21

Also !

22

+1
same issue

23

The repo moved. The APT/RPM 'testing' (Milestone) repository has moved

24

okay, but how do we fix that? can we still stay on release (stable) version or do we have to testing version?

25

I was able to install by disabling signature check in the file /etc/apt/source.list.d/openhab2.list with deb [trusted=yes] https://dl.bintray.com/openhab/apt-repo2 stable main.

The option [trusted=yes] disable the check of the signature and has to be removed as soon as the signing problem is fixed.

5 Likes
26

Thanks for this advice!

The note of jclugeon helping me for the moment! THX

27

I’m working on Raspberry 4, both getting new key and disabling signature check didn’t work. I’m on stable release.
Any ideas?

28

That worked for me with:

`deb [trusted=yes] https://dl.bintray.com/openhab/apt-repo2 stable main’

Thank you!

1 Like
29

you can get the stable version from jfrogio also

echo ‘deb JFrog stable main’ | sudo tee /etc/apt/sources.list.d/openhab2.list
sudo apt update

should be the correct way, as swamiller said (APT Repo Public Key Expiration & Update - #23 by swamiller), the repo has moved

you really shouldn’t use [trusted=yes]

3 Likes
30

That worked for me!

31

indeed the first-boot.bash worked after applying that command.

just for info: today i wanted to make a fresh install, because yesterday i changed many things to make the installation work. i wanted to apply the command before any setup starts. i found out, that in the meantime the problem got fixed on github: https://github.com/openhab/openhabian/commit/1741bb777d7656af848c64dad3987910438bea46
thank you for providing a solution so fast!

32

I did the key update as suggested (see output from apt-key list)

/etc/apt/trusted.gpg

pub rsa4096 2015-07-25 [SC] [expires: 2023-07-24]
EDB7 D030 4E2F CAF6 29DF 1163 0757 21F6 A224 060A
uid [ unknown] openHAB Bintray Repositories owner@openhab.org
sub rsa4096 2015-07-25 [E] [expires: 2023-07-25]

… and it seems to contain the updated key. But it didn’t work. Neither did
the trusted=yes option for me.

So what’s the supposed solution?

Should I change the repository as suggested?
https://www.openhab.org/docs/ still points to bintray?

Or should I just wait until the problem is fixed?
Are you still working on the fix?

Thanks!

33

Now I installed the actual openHABian v1.5 based on Debian Buster supports RPi4 on my Raspberry pi 2 and it’s okay. No more Errors.

34

Adding [trusted=yes] did not work for me immediately. There seems to be a bug in apt on Ubuntu that does not disable the signature check if the lists had already been downloaded before. Removing the local package lists fixed it:

sudo rm /var/lib/apt/lists/*openhab*

1 Like
35

Thanks, that helped on my Debian stretch.

But still this can only be a workaround.

36

I have tried, but still not working for me.
(Armbian / orangepi-pc)

38

My system also does not accept the signature of this repo:

W: GPG-Fehler: https://openhab.jfrog.io/openhab/openhab-linuxpkg stable Release: Die folgenden Signaturen waren ungültig: EXPKEYSIG 075721F6A224060A openHAB Bintray Repositories <owner@openhab.org>
W: The repository 'https://openhab.jfrog.io/openhab/openhab-linuxpkg stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

How do I get OpenHAB updates working again?

1 Like