Hi all,
I notice from time to time that the packages in the opensuse repository end up with an expired signature:
Err:5 https://download.opensuse.org/repositories/security:/zeek/Debian_10 InRelease
The following signatures were invalid: EXPKEYSIG 69D1B2AAEE3D166A security OBS Project <security@build.opensuse.org>
Fetched 1,540 B in 1s (2,506 B/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://download.opensuse.org/repositories/security:/zeek/Debian_10 InRelease: The following signatures were invalid: EXPKEYSIG 69D1B2AAEE3D166A security OBS Project <security@build.opensuse.org>
W: Failed to fetch https://download.opensuse.org/repositories/security:/zeek/Debian_10/InRelease The following signatures were invalid: EXPKEYSIG 69D1B2AAEE3D166A security OBS Project <security@build.opensuse.org>
W: Some index files failed to download. They have been ignored, or old ones used instead.
Is it possible that they've rotated keys and that a new build needs to be triggered in order to get a valid signature? It seems like this condition is something someone could monitor for.
-lou