packages.sury.org - New Signing Key
- fulltilt
- Thread is marked as Resolved.
-
Just to clarify a little, the link point to a publication dated on March 2019, where a leak of the signing key did occur.
Lately, the issue was not the same, the certificate passed it validity date and he get renewed (same key, but expire in 2024 now, if I'm not wrong
) -
-
Just to clarify a little, the link point to a publication dated on March 2019, where a leak of the signing key did occur.
Lately, the issue was not the same, the certificate passed it validity date and he get renewed (same key, but expire in 2024 now, if I'm not wrong
)seems it happend again ...
https://forum.yunohost.org/t/s…-of-apt-due-to-sury/15024
I have tested a few servers today and got the same error, fixed with:
and
-
Yeah, but the root cause is different from the initial link you posted
On your initial link, it was after the key was "stollen".
For this one, just the key which expire
Previous key expire date : pub rsa3072 2019-03-18 [SC] [expired: 2021-03-17]
New key expire date : pub rsa3072 2019-03-18 [SC] [expires: 2024-02-16]
Also, the key didn't changed (this is why we have to delete the actual key, firstly because it's "packaged" with i-MSCP installer and put it in trusted.gpd file, and also we can't get 2 same keys, the one expired having the priority from what I saw).
In 2019, the key did change
-
-
fulltilt
Changed the title of the thread from “packages.sury.org - DPA New Signing Key” to “packages.sury.org - New Signing Key”. -