Hello,
we’re using the Nexus Repository Manager for hosting our own Chocolatey packages. Everything works fine, but yesterday I discovered, that the update via APT from Sonatype Nexus Repository fails.
The error message APT prints is the following:
Get:4 https://repo.sonatype.com/repository/community-apt-hosted bionic InRelease [1,387 B]
Err:4 https://repo.sonatype.com/repository/community-apt-hosted bionic InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 964B5E720AA4F31A
Reading package lists... Done
W: GPG error: https://repo.sonatype.com/repository/community-apt-hosted bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 964B5E720AA4F31A
E: The repository 'https://repo.sonatype.com/repository/community-apt-hosted bionic InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I installed the key via:
wget -q -O - https://repo.sonatype.com/repository/community-hosted/pki/deb-gpg/DEB-GPG-KEY-Sonatype.asc | sudo apt-key add -
What can I do now?
Edit:
And when using
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 964B5E720AA4F31A
I only get a key that already expired…
Edit 2:
It seems that the Release-File is signed with a different key that the key provided.
ID of key used to sign: 964B5E720AA4F31A
ID of provided key: 7DC565E26783520F
–
Best regards