official nginx trusty ppa gives KEYEXPIRED gpg error
Solution 1:
After adding a third party repository to a /etc/apt/sources.list.d/*
file or /etc/apt/sources.list
, you need to make sure the corresponding gpg key is inserted into the apt keystore.
To be more specific for this special case of nginx.org repository: you need to add the nginx.org gpg key file used for the signing of the repository.
This can be done by either downloading the file https://nginx.org/keys/nginx_signing.key manually and issue sudo apt-key add nginx_signing.key
(as suggested by nginx.org and @ThomasWard) or you can do this in one single line:
wget https://nginx.org/keys/nginx_signing.key -O - | sudo apt-key add -
Solution 2:
The root cause of this problem is because the "older" Nginx signing key expired on Aug 17, 2016:
$ sudo apt-key list
pub 2048R/7BD9BF62 2011-08-19 [expired: 2016-08-17]
uid nginx signing key <[email protected]>
To fix this issue, add the new signing key using the command as suggested by @phillip-zyan-k-lee-stockmann and @ThomasWard:
wget https://nginx.org/keys/nginx_signing.key -O - | sudo apt-key add -
The new key now expires in 2024:
$ sudo apt-key list
pub 2048R/7BD9BF62 2011-08-19 [expires: 2024-06-14]
uid nginx signing key <[email protected]>