We’ve recently updated the signing certificates used for our .deb and .rpm packages in the Enclave package repositories.
When running apt-get update if you receive the following error message you simply need to tell apt (or dnf) to download the latest public key from the Enclave package repository:
$ sudo apt update
Get:1 https://packages.enclave.io/apt stable InRelease [4799 B]
Err:1 https://packages.enclave.io/apt stable InRelease
The following signatures were invalid: EXPKEYSIG A386D59E7C22F628 Enclave Networks <[email protected]>
Reading package lists... Done
W: GPG error: https://packages.enclave.io/apt stable InRelease: The following signatures were invalid: EXPKEYSIG A386D59E7C22F628 Enclave Networks <[email protected]>
E: The repository 'https://packages.enclave.io/apt stable InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
Update the signing key for Debian-based distributions
To update to the latest signing key, simply re-run step two of the Linux installation instructions pull the latest key:
curl -fsSL https://packages.enclave.io/apt/enclave.stable.gpg | sudo gpg --dearmor -o /usr/share/keyrings/enclave.gpg
Overwrite the existing enclave.gpg key when prompted, and then run sudo apt update again to check for the latest packages.
Update the signing key for RPM-based distributions
To update to the latest signing key, simply re-import the Enclave public key and re-make the cache:
sudo dnf clean all
sudo rm -R /var/cache/dnf/enclave-*/pubring
sudo dnf check-update
Now run sudo dnf update again to check for the latest packages.