Thread overview
GPG Public Key expired?
May 21, 2020
divi
May 22, 2020
sebasg
May 22, 2020
sebasg
May 22, 2020
Seb
May 22, 2020
divi
May 21, 2020
$ curl -fsS https://dlang.org/install.sh | bash -s dmd
Downloading and unpacking http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz
######################################################################## 100.0%
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2022-03-12
gpg: Signature made Mon 11 May 2020 16:54:29 BST
gpg:                using RSA key 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
gpg: Can't check signature: No public key
Invalid signature http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz.sig
May 22, 2020
On Thursday, 21 May 2020 at 18:14:19 UTC, divi wrote:
> $ curl -fsS https://dlang.org/install.sh | bash -s dmd
> Downloading and unpacking http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz
> ######################################################################## 100.0%
> gpg: checking the trustdb
> gpg: marginals needed: 3  completes needed: 1  trust model: pgp
> gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
> gpg: next trustdb check due at 2022-03-12
> gpg: Signature made Mon 11 May 2020 16:54:29 BST
> gpg:                using RSA key 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
> gpg: Can't check signature: No public key
> Invalid signature http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz.sig

> gpg:                using RSA key 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
> gpg: Can't check signature: No public key
Currently, that key is not part of the publicly known keys and is not in the provided
keyring: https://dlang.org/gpg_keys.html

Maybe it's a new release-signing key and the keyring hasn't been updated yet.
Or maybe something worse.
May 22, 2020
On Thursday, 21 May 2020 at 18:14:19 UTC, divi wrote:
> $ curl -fsS https://dlang.org/install.sh | bash -s dmd
> Downloading and unpacking http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz
> ######################################################################## 100.0%
> gpg: checking the trustdb
> gpg: marginals needed: 3  completes needed: 1  trust model: pgp
> gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
> gpg: next trustdb check due at 2022-03-12
> gpg: Signature made Mon 11 May 2020 16:54:29 BST
> gpg:                using RSA key 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
> gpg: Can't check signature: No public key
> Invalid signature http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz.sig

I think what's happening is that your local keyring is outdated. The install script doesn't automatically update the keyring (nor does it warn you about the keyring being outdated). Unfortunately a well-known bug/problem/limitation.

You probably ran the install script at some point in the past and it created ~/dlang/d-keyring.gpg.
The fix should be to run this:

$ ~/dlang/install.sh update

This will result in the script updating itself and the keyring.

(The install script from prior runs gets installed at ~/dlang/install.sh)
May 22, 2020
On Friday, 22 May 2020 at 11:56:57 UTC, Seb wrote:
> On Thursday, 21 May 2020 at 18:14:19 UTC, divi wrote:
>> [...]
>
> I think what's happening is that your local keyring is outdated. The install script doesn't automatically update the keyring (nor does it warn you about the keyring being outdated). Unfortunately a well-known bug/problem/limitation.
>
> You probably ran the install script at some point in the past and it created ~/dlang/d-keyring.gpg.
> The fix should be to run this:
>
> $ ~/dlang/install.sh update
>
> This will result in the script updating itself and the keyring.
>
> (The install script from prior runs gets installed at ~/dlang/install.sh)

Excellent, that worked. Thanks!
May 22, 2020
On Friday, 22 May 2020 at 10:05:54 UTC, sebasg wrote:
> Currently, that key is not part of the publicly known keys and is not in the provided
> keyring: https://dlang.org/gpg_keys.html
>
> Maybe it's a new release-signing key and the keyring hasn't been updated yet.
> Or maybe something worse.

Wrong, it's actually there, a subkey:

pub   rsa4096 2020-03-12 [SC] [expires: 2022-03-12]
      F46A 10D0 AB44 C3D1 5DD6  5797 BCDD 73FF C3EB 6146
uid           [ unknown] Martin Nowak <code@dawg.eu>
uid           [ unknown] Martin Nowak <martin.nowak@7learnings.com>
uid           [ unknown] Martin Nowak <martin@dlang.org>
sub   rsa4096 2020-03-12 [E] [expires: 2022-03-12]
      B926 14C2 1EC5 779D C678  468E 9A81 3AD3 C115 08BC
sub   rsa4096 2020-03-12 [S] [expires: 2022-03-12]
      3AAF 1A18 E61F 6FAA 3B71  93E4 DB8C 5218 B932 9CF8
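
Added example, not part of the thread and not code from the dlang install script: a shell helper that takes the fingerprint from a "using RSA key ..." line and checks it against both primary keys and subkeys in a `gpg --with-colons` listing, which is the check the subkey listing above does by eye. The function name `classify_signer` is hypothetical, and the sample records are constructed from the fingerprints and dates quoted in the thread, with the uid hash field left empty.

```shell
#!/bin/sh
# classify_signer FPR: read a `gpg --with-colons` key listing on stdin and
# report whether FPR is a primary key or a subkey (hypothetical helper name).
classify_signer() {
    # Accept the spaced form gpg prints in human-readable listings.
    want=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    awk -F: -v want="$want" '
        # pub/sub records precede their fpr record; field 12 holds capabilities.
        $1 == "pub" || $1 == "sub" { kind = $1; caps = $12; next }
        $1 == "fpr" && kind != "" {
            if (kind == "pub") primary = $10      # field 10 is the fingerprint
            if ($10 == want) {
                if (kind == "pub") print "primary " $10 " caps=" caps
                else print "subkey-of " primary " caps=" caps
                found = 1
                exit
            }
            kind = ""
        }
        END { exit (found ? 0 : 1) }
    '
}

# Constructed sample: colon-format records built from the listing in the thread.
sample_listing() {
    cat <<'EOF'
pub:-:4096:1:BCDD73FFC3EB6146:1583971200:1647043200::-:::scESC:
fpr:::::::::F46A10D0AB44C3D15DD65797BCDD73FFC3EB6146:
uid:-::::1583971200::::Martin Nowak <martin@dlang.org>:
sub:-:4096:1:9A813AD3C11508BC:1583971200:1647043200:::::e:
fpr:::::::::B92614C21EC5779DC678468E9A813AD3C11508BC:
sub:-:4096:1:DB8C5218B9329CF8:1583971200:1647043200:::::s:
fpr:::::::::3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8:
EOF
}

# Fingerprint from the "using RSA key" line in the failed install output.
sample_listing | classify_signer 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8

# Against the keyring the install script keeps (path as given in the thread):
#   gpg --no-default-keyring --keyring ~/dlang/d-keyring.gpg \
#       --list-keys --with-colons --with-subkey-fingerprint \
#     | classify_signer 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
```

A non-zero exit status means the fingerprint matches neither a primary key nor a subkey in the listing, which is the case an outdated local keyring produces.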