"GPG error: Release: The following signatures were invalid: BADSIG"

I ran this command in the Terminal:

sudo apt-get update

Updating ends with the following error report:

W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com precise Release: The following signatures were invalid: BADSIG 16126D3A3E5C1192 Ubuntu Extras Archive Automatic Signing Key <[email protected]>

W: GPG error: http://ppa.launchpad.net precise Release: The following signatures were invalid: BADSIG 4C1CBC1B69B0E2F4 Launchpad PPA for Jonathan French
W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/precise/Release  

What does this mean and why is it happening?

Try this:

sudo apt-get clean
sudo mv /var/lib/apt/lists /tmp
sudo mkdir -p /var/lib/apt/lists/partial
sudo apt-get clean
sudo apt-get update

This message is displaying because the gpg key for that repository is missing in your apt-key database.

To import the key, open a terminal and enter these commands

gpg --keyserver keyserver.ubuntu.com --recv-keys 16126D3A3E5C1192 

pgp keys are mostly distributed in several keystore. Ubuntu related keys are usually found in keyserver.ubuntu.com. But if that fails you can use alternatives. Like -

gpg --keyserver hkp://subkeys.pgp.net --recv-keys 16126D3A3E5C1192

You must replace the alphanumeric part, with the specific key. Make sure the key is one you trust. Any repository with this key, would be able to install any package without warning.

You would see the following output if the above is successful

gpg: Total number processed: 1
gpg:               imported: 1

Then run this command:

gpg --export --armor 16126D3A3E5C1192 | sudo apt-key add - 

Note the - sign after add.

Then sudo apt-get update, you will have no such messages after this.

I found that just running these commands worked for me.

sudo rm -rf /var/lib/apt/lists
sudo mkdir /var/lib/apt/lists