Keyring expired

Hello I an running Linux Mint 18.3 xfce
I have tried to reinstall from the terminal many times as per the top pinned post to update my keyring for the past 24 hours and I don’t understand sandbox issue if that is even the problem
running brave-browser (0.62.51).
brave-keyring (1.1)
I have also uninstalled and reinstalled the browser and keyring from inside the Synaptic Package Manager
when updating this is the error from synaptic

An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://brave-browser-apt-release.s3.brave.com xenial InRelease: The following signatures were invalid: KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433Failed to fetch https://brave-browser-apt-release.s3.brave.com/dists/xenial/InRelease The following signatures were invalid: KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433Some index files failed to download. They have been ignored, or old ones used instead.

cc @sriram @Mattches for assistance here

@750guzzi,
Can you please try installing without using the package manager?

Hello Mattches I try to install by the terminal and it doesn’t work
I have followed the pinned instructions

thank you for responding

Same issue with Mint 19 Cinnamon. I think it’s since the keyring update (1.0-1 -> 1.1) two days ago that Mintupdate reports.

I also tried to do a apt update from the command line with same result. The following key is shown as expired:

4FE13824E3FFC656 Brave Software support@brave.com

But maybe this is a Mint issue…

Even a “Fix merge list problems” doesn’t fix it… :thinking:

I was having the same problem. Repeating installation instructions did NOT resolve the issue.
I removed brave-browser and brave-keyring and deleted the expired gpg key. Then installation worked. In retrospect, it may have worked by simply deleting the expired gpg key and installing the new one. Hope that helps.
Instructions to remove key - https://askubuntu.com/questions/107177/how-can-i-remove-gpg-key-that-i-added-using-apt-key-add

1 Like

@dj0Nz @750guzzi,
Can you try the solution @bamarcus suggested above? :point_up:

I’m using Mint 18.3 and having the same problem. Here is my read out.
An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://brave-browser-apt-release.s3.brave.com xenial InRelease: The following signatures were invalid: KEYEXPIRED 1555193394 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433Failed to fetch https://brave-browser-apt-release.s3.brave.com/dists/xenial/InRelease The following signatures were invalid: KEYEXPIRED 1555193394 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433 KEYEXPIRED 1555193394 KEYEXPIRED 1555193394 KEYEXPIRED 1555193433Some index files failed to download. They have been ignored, or old ones used instead.

Can you (everyone) try manually removing the signing key, then adding the updated one:

apt-key --keyring /etc/apt/trusted.gpg del D8BAD4DE7EE17AF52A834B2D0BB75829C2D4E821
rm /etc/apt/trusted.gpg.d/brave-browser-release.gpg

curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key 
--keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add -
2 Likes

here’s my terminal let me know if you can see it

terminal

You’re missing the second part of that command.

This is what’s needed: curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add -

but this is all you’ve got in the above screenshot: curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key

Also, you might need to do apt-key --keyring /etc/apt/trusted.gpg del D8BAD4DE7EE17AF52A834B2D0BB75829C2D4E821 to get rid of all copies of the old key.

2 Likes

SOLVED…Okay there is no key error and I have one less key saved

ter2

thank you all for your help is this the end of it?

if any of you are interested on a different outcome on an almost duplicate machine, let me know

Glad to see you got it working! I am interested to see what you are seeing on that other machine. Could you please post the details in a new topic?

1 Like
1 Like

Hello. I had a problem with this also. A few days ago, Brave stopped upgrading in my Lubuntu 16.04 installation; lots of KEYEXPIRED messages. I looked in my /etc/apt/trusted.gpg keyring and found:
pub 4096R/C2D4E821 2018-10-15 [expired: 2019-04-13]
uid Brave Software support@brave.com

I deleted this key and then ran the procedure found in https://support.brave.com/hc/en-us/articles/360018666072-How-do-I-install-Brave-on-Linux-using-the-terminal-

Which then worked. Note there still exists the 448EEE6C Brave key in my /etc/apt/trusted.gpg keyring, but now the C2D4E821 Brave key resides in my /etc/apt/trusted.gpg.d/brave-browser-release.gpg keyring.

I suggest modifying those linux command line install instructions to remove this C2D4E821 key first, if it exists.

Hello paul48
If you read through the procedure, fmarier and Mattches
both had to walk me through it.
I run Linux Mint 18.3 which has the same Ubuntu base as yours.
That procedure leaves the key C2D4E821 as correct because brave-keyring updated
to version 1.2 last on my machine last night.

I just checked my backup machine and it has the 6A8A26F9, 448EEE6C and C2D4E821 keys. It has updated to brave-keyring version 1.2

Seems to me, one should not have to manually access an installation procedure, to accomplish a minor upgrade.

The fix by Mattches above is the correct work-around. I don’t know why it works for some and not needed by others, but that may have to do with the key expiration date.

I tried to do the fix manually first on a duplicate machine and
that’s what got me into trouble.