Apt-get update signature verification failed NO_PUBKEY A386D59E7C22F628

We’ve recently rotated the key material which we used to signed our .deb packages in the Enclave apt repository, in preparation for releasing Enclave as an RPM package.

When running apt-get update if you receive the following error message you simply need to tell apt to use the latest public key for the Enclave package repository:

An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.enclave.io/apt stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A386D59E7C22F628

Update the signing key

To update to the latest signing key, simply run the following command to pull the latest key from the repo:

curl -fsSL https://packages.enclave.io/apt/enclave.stable.gpg | sudo apt-key add -

There’s no need to keep the old key, and you can remove it using:

sudo apt-key del B80BC1D4

Now run apt-get update again to check for the latest packages.

Please note that while apt-get update will report an error processing updates from the Enclave package repository until you’ve applied this fix, other repositories will continue to work as normal even without updating to the latest key material, as described here.