The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Ubuntu 18.04 update problemWhat to do with KEYEXPIRED 1555048520 on updating Google Chrome and Earth repositories?Failed to install PlayOnLinuxApt-get failed to fetch from Ubuntu server with error code 404Issues opening everything“Something wicked happened” error in apt-getIs this an error => Starting pkgProblemResolver with broken count: 0E: The repository 'https://download.01.org/gfx/ubuntu/17.04/main zesty Release' does no longer have a Release fileappstreamcli: AppStream system cache was updated, but problems were found: Metadata files have errors: /var/cache/app-info/xmls/fwupd.xmlUbuntu server 18.04 LTS apt unable updateUnable to install dovecot-lmtpd on Ubuntu 18.04 serverhash sum mismatch, you have held broken packages, unable to fetch etchttp://security.debian.org/dists/cosmic/Release 404 Not Found [IP: 151.101.184.204 80]

Antler Helmet: Can it work?

Are my PIs rude or am I just being too sensitive?

What do you call a plan that's an alternative plan in case your initial plan fails?

How can players work together to take actions that are otherwise impossible?

Why is "Consequences inflicted." not a sentence?

Single word antonym of "flightless"

What is the longest distance a 13th-level monk can jump while attacking on the same turn?

How does a Death Domain cleric's Touch of Death feature work with Touch-range spells delivered by familiars?

What would be the ideal power source for a cybernetic eye?

Does surprise arrest existing movement?

How to find all the available tools in macOS terminal?

ListPlot join points by nearest neighbor rather than order

Disable hyphenation for an entire paragraph

Should I discuss the type of campaign with my players?

Is there a "higher Segal conjecture"?

Is it true that "carbohydrates are of no use for the basal metabolic need"?

Dominant seventh chord in the major scale contains diminished triad of the seventh?

Proof involving the spectral radius and the Jordan canonical form

Why did the IBM 650 use bi-quinary?

What LEGO pieces have "real-world" functionality?

Is above average number of years spent on PhD considered a red flag in future academia or industry positions?

How widely used is the term Treppenwitz? Is it something that most Germans know?

Output the ŋarâþ crîþ alphabet song without using (m)any letters

What happens to sewage if there is no river near by?



The following signatures were invalid: EXPKEYSIG 1397BC53640DB551



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Ubuntu 18.04 update problemWhat to do with KEYEXPIRED 1555048520 on updating Google Chrome and Earth repositories?Failed to install PlayOnLinuxApt-get failed to fetch from Ubuntu server with error code 404Issues opening everything“Something wicked happened” error in apt-getIs this an error => Starting pkgProblemResolver with broken count: 0E: The repository 'https://download.01.org/gfx/ubuntu/17.04/main zesty Release' does no longer have a Release fileappstreamcli: AppStream system cache was updated, but problems were found: Metadata files have errors: /var/cache/app-info/xmls/fwupd.xmlUbuntu server 18.04 LTS apt unable updateUnable to install dovecot-lmtpd on Ubuntu 18.04 serverhash sum mismatch, you have held broken packages, unable to fetch etchttp://security.debian.org/dists/cosmic/Release 404 Not Found [IP: 151.101.184.204 80]



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








84















This is Issue 952287: [User Feedback - Stable] Reports of Chrome for Linux failing to install/update due to expired GPG signing key




Today, running apt in all my machines gives this error with the Google PPA (for google-chrome):



me@mymachine:~$ sudo apt clean && sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt autoclean -y && sudo snap refresh 
[sudo] password for me:
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Hit:2 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu bionic InRelease
Hit:3 http://dl.google.com/linux/chrome/deb stable Release
Hit:4 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88,7 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74,6 kB]
Err:7 http://dl.google.com/linux/chrome/deb stable Release.gpg
The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
Get:8 http://archive.ubuntu.com/ubuntu bionic-security InRelease [88,7 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [574 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-updates/main i386 Packages [488 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 DEP-11 Metadata [278 kB]
Get:12 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 48x48 Icons [66,7 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 64x64 Icons [123 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [756 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/universe i386 Packages [745 kB]
Get:16 http://archive.ubuntu.com/ubuntu bionic-updates/universe Translation-en [201 kB]
Get:17 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 DEP-11 Metadata [209 kB]
Get:18 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 48x48 Icons [191 kB]
Get:19 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 64x64 Icons [360 kB]
Get:20 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 DEP-11 Metadata [2.468 B]
Get:21 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 DEP-11 Metadata [7.352 B]
Get:22 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages [296 kB]
Get:23 http://archive.ubuntu.com/ubuntu bionic-security/main i386 Packages [216 kB]
Get:24 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 DEP-11 Metadata [204 B]
Get:25 http://archive.ubuntu.com/ubuntu bionic-security/universe i386 Packages [127 kB]
Get:26 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [131 kB]
Get:27 http://archive.ubuntu.com/ubuntu bionic-security/universe Translation-en [74,2 kB]
Get:28 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 DEP-11 Metadata [20,8 kB]
Get:29 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 48x48 Icons [12,2 kB]
Get:30 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 64x64 Icons [50,4 kB]
Get:31 http://archive.ubuntu.com/ubuntu bionic-security/multiverse amd64 DEP-11 Metadata [2.464 B]
Fetched 5.183 kB in 2s (2.131 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
All snaps up to date.



Already tried importing GPG key again with:



wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -


Source: Google Linux Software Repositories



EDIT: add error line in Spanish for better visibility:



Las siguientes firmas no fueron válidas: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>



EDIT2: and French (to cover top 3 languages):



Les signatures suivantes ne sont pas valables : EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>










share|improve this question



















  • 11





    It just happened to me as well.

    – Fred
    Apr 12 at 8:04











  • Sam problem here, reacquiring keys did not help so far, seems to be a problem on googles end.

    – Florian
    Apr 12 at 8:06






  • 8





    upvote this link support.google.com/chrome/thread/4032170?hl=en and wait! We can do nothing more.

    – Carlos Alberto Silveira de And
    Apr 12 at 10:31







  • 1





    I've added a link to the bug report at the top of the post. Please feel free to move it or to delete it.

    – DK Bose
    Apr 12 at 17:01






  • 4





    I think it is fixed now

    – Leo
    Apr 12 at 17:26

















84















This is Issue 952287: [User Feedback - Stable] Reports of Chrome for Linux failing to install/update due to expired GPG signing key




Today, running apt in all my machines gives this error with the Google PPA (for google-chrome):



me@mymachine:~$ sudo apt clean && sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt autoclean -y && sudo snap refresh 
[sudo] password for me:
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Hit:2 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu bionic InRelease
Hit:3 http://dl.google.com/linux/chrome/deb stable Release
Hit:4 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88,7 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74,6 kB]
Err:7 http://dl.google.com/linux/chrome/deb stable Release.gpg
The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
Get:8 http://archive.ubuntu.com/ubuntu bionic-security InRelease [88,7 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [574 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-updates/main i386 Packages [488 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 DEP-11 Metadata [278 kB]
Get:12 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 48x48 Icons [66,7 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 64x64 Icons [123 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [756 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/universe i386 Packages [745 kB]
Get:16 http://archive.ubuntu.com/ubuntu bionic-updates/universe Translation-en [201 kB]
Get:17 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 DEP-11 Metadata [209 kB]
Get:18 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 48x48 Icons [191 kB]
Get:19 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 64x64 Icons [360 kB]
Get:20 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 DEP-11 Metadata [2.468 B]
Get:21 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 DEP-11 Metadata [7.352 B]
Get:22 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages [296 kB]
Get:23 http://archive.ubuntu.com/ubuntu bionic-security/main i386 Packages [216 kB]
Get:24 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 DEP-11 Metadata [204 B]
Get:25 http://archive.ubuntu.com/ubuntu bionic-security/universe i386 Packages [127 kB]
Get:26 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [131 kB]
Get:27 http://archive.ubuntu.com/ubuntu bionic-security/universe Translation-en [74,2 kB]
Get:28 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 DEP-11 Metadata [20,8 kB]
Get:29 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 48x48 Icons [12,2 kB]
Get:30 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 64x64 Icons [50,4 kB]
Get:31 http://archive.ubuntu.com/ubuntu bionic-security/multiverse amd64 DEP-11 Metadata [2.464 B]
Fetched 5.183 kB in 2s (2.131 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
All snaps up to date.



Already tried importing GPG key again with:



wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -


Source: Google Linux Software Repositories



EDIT: add error line in Spanish for better visibility:



Las siguientes firmas no fueron válidas: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>



EDIT2: and French (to cover top 3 languages):



Les signatures suivantes ne sont pas valables : EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>










share|improve this question



















  • 11





    It just happened to me as well.

    – Fred
    Apr 12 at 8:04











  • Sam problem here, reacquiring keys did not help so far, seems to be a problem on googles end.

    – Florian
    Apr 12 at 8:06






  • 8





    upvote this link support.google.com/chrome/thread/4032170?hl=en and wait! We can do nothing more.

    – Carlos Alberto Silveira de And
    Apr 12 at 10:31







  • 1





    I've added a link to the bug report at the top of the post. Please feel free to move it or to delete it.

    – DK Bose
    Apr 12 at 17:01






  • 4





    I think it is fixed now

    – Leo
    Apr 12 at 17:26













84












84








84


21






This is Issue 952287: [User Feedback - Stable] Reports of Chrome for Linux failing to install/update due to expired GPG signing key




Today, running apt in all my machines gives this error with the Google PPA (for google-chrome):



me@mymachine:~$ sudo apt clean && sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt autoclean -y && sudo snap refresh 
[sudo] password for me:
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Hit:2 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu bionic InRelease
Hit:3 http://dl.google.com/linux/chrome/deb stable Release
Hit:4 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88,7 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74,6 kB]
Err:7 http://dl.google.com/linux/chrome/deb stable Release.gpg
The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
Get:8 http://archive.ubuntu.com/ubuntu bionic-security InRelease [88,7 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [574 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-updates/main i386 Packages [488 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 DEP-11 Metadata [278 kB]
Get:12 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 48x48 Icons [66,7 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 64x64 Icons [123 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [756 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/universe i386 Packages [745 kB]
Get:16 http://archive.ubuntu.com/ubuntu bionic-updates/universe Translation-en [201 kB]
Get:17 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 DEP-11 Metadata [209 kB]
Get:18 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 48x48 Icons [191 kB]
Get:19 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 64x64 Icons [360 kB]
Get:20 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 DEP-11 Metadata [2.468 B]
Get:21 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 DEP-11 Metadata [7.352 B]
Get:22 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages [296 kB]
Get:23 http://archive.ubuntu.com/ubuntu bionic-security/main i386 Packages [216 kB]
Get:24 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 DEP-11 Metadata [204 B]
Get:25 http://archive.ubuntu.com/ubuntu bionic-security/universe i386 Packages [127 kB]
Get:26 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [131 kB]
Get:27 http://archive.ubuntu.com/ubuntu bionic-security/universe Translation-en [74,2 kB]
Get:28 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 DEP-11 Metadata [20,8 kB]
Get:29 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 48x48 Icons [12,2 kB]
Get:30 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 64x64 Icons [50,4 kB]
Get:31 http://archive.ubuntu.com/ubuntu bionic-security/multiverse amd64 DEP-11 Metadata [2.464 B]
Fetched 5.183 kB in 2s (2.131 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
All snaps up to date.



Already tried importing GPG key again with:



wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -


Source: Google Linux Software Repositories



EDIT: add error line in Spanish for better visibility:



Las siguientes firmas no fueron válidas: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>



EDIT2: and French (to cover top 3 languages):



Les signatures suivantes ne sont pas valables : EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>










share|improve this question
















This is Issue 952287: [User Feedback - Stable] Reports of Chrome for Linux failing to install/update due to expired GPG signing key




Today, running apt in all my machines gives this error with the Google PPA (for google-chrome):



me@mymachine:~$ sudo apt clean && sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt autoclean -y && sudo snap refresh 
[sudo] password for me:
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Hit:2 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu bionic InRelease
Hit:3 http://dl.google.com/linux/chrome/deb stable Release
Hit:4 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88,7 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74,6 kB]
Err:7 http://dl.google.com/linux/chrome/deb stable Release.gpg
The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
Get:8 http://archive.ubuntu.com/ubuntu bionic-security InRelease [88,7 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [574 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-updates/main i386 Packages [488 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 DEP-11 Metadata [278 kB]
Get:12 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 48x48 Icons [66,7 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-updates/main DEP-11 64x64 Icons [123 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [756 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/universe i386 Packages [745 kB]
Get:16 http://archive.ubuntu.com/ubuntu bionic-updates/universe Translation-en [201 kB]
Get:17 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 DEP-11 Metadata [209 kB]
Get:18 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 48x48 Icons [191 kB]
Get:19 http://archive.ubuntu.com/ubuntu bionic-updates/universe DEP-11 64x64 Icons [360 kB]
Get:20 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 DEP-11 Metadata [2.468 B]
Get:21 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 DEP-11 Metadata [7.352 B]
Get:22 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages [296 kB]
Get:23 http://archive.ubuntu.com/ubuntu bionic-security/main i386 Packages [216 kB]
Get:24 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 DEP-11 Metadata [204 B]
Get:25 http://archive.ubuntu.com/ubuntu bionic-security/universe i386 Packages [127 kB]
Get:26 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [131 kB]
Get:27 http://archive.ubuntu.com/ubuntu bionic-security/universe Translation-en [74,2 kB]
Get:28 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 DEP-11 Metadata [20,8 kB]
Get:29 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 48x48 Icons [12,2 kB]
Get:30 http://archive.ubuntu.com/ubuntu bionic-security/universe DEP-11 64x64 Icons [50,4 kB]
Get:31 http://archive.ubuntu.com/ubuntu bionic-security/multiverse amd64 DEP-11 Metadata [2.464 B]
Fetched 5.183 kB in 2s (2.131 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
All snaps up to date.



Already tried importing GPG key again with:



wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -


Source: Google Linux Software Repositories



EDIT: add error line in Spanish for better visibility:



Las siguientes firmas no fueron válidas: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>



EDIT2: and French (to cover top 3 languages):



Les signatures suivantes ne sont pas valables : EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>







apt 18.04 updates google-chrome ppa






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Apr 12 at 16:59









DK Bose

15.1k124389




15.1k124389










asked Apr 12 at 7:53









LeoLeo

3,05311232




3,05311232







  • 11





    It just happened to me as well.

    – Fred
    Apr 12 at 8:04











  • Sam problem here, reacquiring keys did not help so far, seems to be a problem on googles end.

    – Florian
    Apr 12 at 8:06






  • 8





    upvote this link support.google.com/chrome/thread/4032170?hl=en and wait! We can do nothing more.

    – Carlos Alberto Silveira de And
    Apr 12 at 10:31







  • 1





    I've added a link to the bug report at the top of the post. Please feel free to move it or to delete it.

    – DK Bose
    Apr 12 at 17:01






  • 4





    I think it is fixed now

    – Leo
    Apr 12 at 17:26












  • 11





    It just happened to me as well.

    – Fred
    Apr 12 at 8:04











  • Sam problem here, reacquiring keys did not help so far, seems to be a problem on googles end.

    – Florian
    Apr 12 at 8:06






  • 8





    upvote this link support.google.com/chrome/thread/4032170?hl=en and wait! We can do nothing more.

    – Carlos Alberto Silveira de And
    Apr 12 at 10:31







  • 1





    I've added a link to the bug report at the top of the post. Please feel free to move it or to delete it.

    – DK Bose
    Apr 12 at 17:01






  • 4





    I think it is fixed now

    – Leo
    Apr 12 at 17:26







11




11





It just happened to me as well.

– Fred
Apr 12 at 8:04





It just happened to me as well.

– Fred
Apr 12 at 8:04













Sam problem here, reacquiring keys did not help so far, seems to be a problem on googles end.

– Florian
Apr 12 at 8:06





Sam problem here, reacquiring keys did not help so far, seems to be a problem on googles end.

– Florian
Apr 12 at 8:06




8




8





upvote this link support.google.com/chrome/thread/4032170?hl=en and wait! We can do nothing more.

– Carlos Alberto Silveira de And
Apr 12 at 10:31






upvote this link support.google.com/chrome/thread/4032170?hl=en and wait! We can do nothing more.

– Carlos Alberto Silveira de And
Apr 12 at 10:31





1




1





I've added a link to the bug report at the top of the post. Please feel free to move it or to delete it.

– DK Bose
Apr 12 at 17:01





I've added a link to the bug report at the top of the post. Please feel free to move it or to delete it.

– DK Bose
Apr 12 at 17:01




4




4





I think it is fixed now

– Leo
Apr 12 at 17:26





I think it is fixed now

– Leo
Apr 12 at 17:26










9 Answers
9






active

oldest

votes


















62














This is the protection you are getting from these checks. You don't want to update your software right now while something is messed up on Google's end. Wait until they fix it. Don't try to override by reinstalling keys until some official word comes out that a new key is the solution.






share|improve this answer








New contributor




yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 9





    Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

    – jelhan
    Apr 12 at 8:48






  • 4





    It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

    – Michael Härtl
    Apr 12 at 9:48






  • 4





    @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

    – Konrad Rudolph
    Apr 12 at 11:16






  • 1





    @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

    – DK Bose
    Apr 12 at 14:02






  • 5





    trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

    – kissgyorgy
    Apr 12 at 16:49


















33














Apparently Google did not extend the validity of the signing cert...
it was due to end today and so it did.
https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x7721F63BD38B4796



maybe Google will change it, today or so… then the update of the cert should work fine and everything should go back to normal.






share|improve this answer








New contributor




DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.



























    13














    the problem was solved by Google Abr 12/2019



    enter image description here
    There's nothing to do. The repository has already been signed



    source: https://support.google.com/chrome/thread/4032170






    share|improve this answer























    • Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

      – Paddy Landau
      14 hours ago


















    9














    Looks like Google's signing keys expired. Be patient and wait for them to fix them (which may or may not require re-adding the key after they fixed it).






    share|improve this answer






























      1














      For anyone not patient enough for google to update cert...



      you can fix this with the following steps :



      1. Download this : https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

      (chrome new version, you can get it yourself by googling chrome)



      1. Close Chrome.

      2. Open "Software and Sources", go to the "Sources" tab

      3. Remove (or disable if you wish to re-enable it at a later time) the Google source (type your password) and close the window

      4. Allow "Software and Sources" to reload sources

      5. Go into Software Center, go to "Installed"

      6. Find Chrome, uninstall it.

      7. Close software and sources


      8. Open a terminal, type :



        sudo apt update && sudo apt autoremove -y && sudo apt autoclean && sudo apt full-upgrade -y



      9. Close the terminal and go to your downloads folder and double click the file "google-chrome-stable_current_amd64.deb" (this will open Software Center)


      10. Click Install

      you can now open chrome back up. all your tabs and saved passwords ect are still there.






      share|improve this answer

























      • @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

        – tatsu
        Apr 12 at 16:31


















      0














      You don't. You must wait for Google to renew their keys and for an update.



      The important message is:




      The following signatures were invalid: EXPKEYSIG 1397BC53640DB551
      Google Inc. (Linux Packages Signing Authority)




      It means that the cryptographic signature is invalid. The source of this can be an attack, a misconfiguration, or other kind of technical problem. Forcing your system to update will result in running an unverified version of your web browser, which can expose you to a lot of security troubles.



      source






      share|improve this answer








      New contributor




      sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.



























        0














        Google needs to update there GPG key. You can however mark the deb source as trusted, until Google renews their key:




        1. cd /var/lib/apt/lists

        2. sudo rm
          dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages
          dl.google.com_linux_chrome_deb_dists_stable_Release
          dl.google.com_linux_chrome_deb_dists_stable_Release.gpg


        3. add trusted=yes in your /etc/apt/sources.list.d/google-chrome.list file, for it to look like this: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main


        4. apt clean


        5. apt update


        You still get an invalid GPG error, but you can ignore it for now.



        NOTE: Be careful as this may bring security issues, on non trusted networks, when no https is used in the deb source link.



        EDIT: GPG warning no longer appears. Google has renewed their key. If you followed the solution above, just remove the trusted=yes part, then apt clean & finally apt update. You should no longer see any error :D






        share|improve this answer




















        • 2





          Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

          – Oli
          Apr 12 at 12:51






        • 2





          You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

          – Oli
          Apr 12 at 13:29






        • 1





          Indeed. Thanks for the explanation

          – Dimitris Moraitidis
          Apr 12 at 13:39






        • 2





          Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

          – link_boy
          Apr 12 at 14:27







        • 1





          Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

          – Dimitris Moraitidis
          Apr 12 at 14:33


















        0














        Looks like, as @DooMMasteR said, Google let signing cert expire for their Linux repositories, which due date was April 12th. @yareckon explained that this apt security error is working as expected to prevent badly signed software being installed.



        9 hours after the issue was posted, Google fixed certs transparently for the users using Google Chrome repo. The error stopped after they renewed the certs, progressively also on the rest of Google owned repos (Google Earth, Google Music Manager...).



        No action is needed (and recommended) from users side, just waiting for the repos in use to be signed with renewed keys.






        share|improve this answer






























          0














          April 15, and I'm still getting this error with the Google Earth and Music Manager repositories. They sure are taking their sweet time with this.






          share|improve this answer





















            protected by Community Apr 12 at 17:03



            Thank you for your interest in this question.
            Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).



            Would you like to answer one of these unanswered questions instead?














            9 Answers
            9






            active

            oldest

            votes








            9 Answers
            9






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            62














            This is the protection you are getting from these checks. You don't want to update your software right now while something is messed up on Google's end. Wait until they fix it. Don't try to override by reinstalling keys until some official word comes out that a new key is the solution.






            share|improve this answer








            New contributor




            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.















            • 9





              Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

              – jelhan
              Apr 12 at 8:48






            • 4





              It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

              – Michael Härtl
              Apr 12 at 9:48






            • 4





              @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

              – Konrad Rudolph
              Apr 12 at 11:16






            • 1





              @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

              – DK Bose
              Apr 12 at 14:02






            • 5





              trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

              – kissgyorgy
              Apr 12 at 16:49















            62














            This is the protection you are getting from these checks. You don't want to update your software right now while something is messed up on Google's end. Wait until they fix it. Don't try to override by reinstalling keys until some official word comes out that a new key is the solution.






            share|improve this answer








            New contributor




            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.















            • 9





              Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

              – jelhan
              Apr 12 at 8:48






            • 4





              It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

              – Michael Härtl
              Apr 12 at 9:48






            • 4





              @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

              – Konrad Rudolph
              Apr 12 at 11:16






            • 1





              @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

              – DK Bose
              Apr 12 at 14:02






            • 5





              trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

              – kissgyorgy
              Apr 12 at 16:49













            62












            62








            62







            This is the protection you are getting from these checks. You don't want to update your software right now while something is messed up on Google's end. Wait until they fix it. Don't try to override by reinstalling keys until some official word comes out that a new key is the solution.






            share|improve this answer








            New contributor




            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.










            This is the protection you are getting from these checks. You don't want to update your software right now while something is messed up on Google's end. Wait until they fix it. Don't try to override by reinstalling keys until some official word comes out that a new key is the solution.







            share|improve this answer








            New contributor




            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.









            share|improve this answer



            share|improve this answer






            New contributor




            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.









            answered Apr 12 at 8:08









            yareckonyareckon

            40113




            40113




            New contributor




            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.





            New contributor





            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.






            yareckon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.







            • 9





              Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

              – jelhan
              Apr 12 at 8:48






            • 4





              It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

              – Michael Härtl
              Apr 12 at 9:48






            • 4





              @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

              – Konrad Rudolph
              Apr 12 at 11:16






            • 1





              @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

              – DK Bose
              Apr 12 at 14:02






            • 5





              trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

              – kissgyorgy
              Apr 12 at 16:49












            • 9





              Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

              – jelhan
              Apr 12 at 8:48






            • 4





              It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

              – Michael Härtl
              Apr 12 at 9:48






            • 4





              @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

              – Konrad Rudolph
              Apr 12 at 11:16






            • 1





              @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

              – DK Bose
              Apr 12 at 14:02






            • 5





              trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

              – kissgyorgy
              Apr 12 at 16:49







            9




            9





            Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

            – jelhan
            Apr 12 at 8:48





            Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main

            – jelhan
            Apr 12 at 8:48




            4




            4





            It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

            – Michael Härtl
            Apr 12 at 9:48





            It's not the first time this happens. I remember having this same issue with google at least 2 more times over the last years. I wonder what's going on at Google and why they can't keep their stuff together.

            – Michael Härtl
            Apr 12 at 9:48




            4




            4





            @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

            – Konrad Rudolph
            Apr 12 at 11:16





            @jelhan That’s why CI pipelines ideally tap into local mirrors/caches rather than going directly upstream.

            – Konrad Rudolph
            Apr 12 at 11:16




            1




            1





            @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

            – DK Bose
            Apr 12 at 14:02





            @MichaelHärtl I've been watching Google and meritocracy seems to be out of vogue.

            – DK Bose
            Apr 12 at 14:02




            5




            5





            trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

            – kissgyorgy
            Apr 12 at 16:49





            trusted=yes defeats the whole purpose of digital signing and basically compromise your whole system. You should not do that lightly, especially not a good idea for a "temporary workaround".

            – kissgyorgy
            Apr 12 at 16:49













            33














            Apparently Google did not extend the validity of the signing cert...
            it was due to end today and so it did.
            https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x7721F63BD38B4796



            maybe Google will change it, today or so… then the update of the cert should work fine and everything should go back to normal.






            share|improve this answer








            New contributor




            DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.
























              33














              Apparently Google did not extend the validity of the signing cert...
              it was due to end today and so it did.
              https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x7721F63BD38B4796



              maybe Google will change it, today or so… then the update of the cert should work fine and everything should go back to normal.






              share|improve this answer








              New contributor




              DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.






















                33












                33








                33







                Apparently Google did not extend the validity of the signing cert...
                it was due to end today and so it did.
                https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x7721F63BD38B4796



                maybe Google will change it, today or so… then the update of the cert should work fine and everything should go back to normal.






                share|improve this answer








                New contributor




                DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.










                Apparently Google did not extend the validity of the signing cert...
                it was due to end today and so it did.
                https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x7721F63BD38B4796



                maybe Google will change it, today or so… then the update of the cert should work fine and everything should go back to normal.







                share|improve this answer








                New contributor




                DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.









                share|improve this answer



                share|improve this answer






                New contributor




                DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.









                answered Apr 12 at 8:16









                DooMMasteRDooMMasteR

                34125




                34125




                New contributor




                DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.





                New contributor





                DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.






                DooMMasteR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.





















                    13














                    the problem was solved by Google Abr 12/2019



                    enter image description here
                    There's nothing to do. The repository has already been signed



                    source: https://support.google.com/chrome/thread/4032170






                    share|improve this answer























                    • Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

                      – Paddy Landau
                      14 hours ago















                    13














                    the problem was solved by Google Abr 12/2019



                    enter image description here
                    There's nothing to do. The repository has already been signed



                    source: https://support.google.com/chrome/thread/4032170






                    share|improve this answer























                    • Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

                      – Paddy Landau
                      14 hours ago













                    13












                    13








                    13







                    the problem was solved by Google Abr 12/2019



                    enter image description here
                    There's nothing to do. The repository has already been signed



                    source: https://support.google.com/chrome/thread/4032170






                    share|improve this answer













                    the problem was solved by Google Abr 12/2019



                    enter image description here
                    There's nothing to do. The repository has already been signed



                    source: https://support.google.com/chrome/thread/4032170







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Apr 12 at 18:59









                    ajcgajcg

                    898412




                    898412












                    • Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

                      – Paddy Landau
                      14 hours ago

















                    • Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

                      – Paddy Landau
                      14 hours ago
















                    Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

                    – Paddy Landau
                    14 hours ago





                    Where did you report that? Google still hasn't fixed it on certain other repositories, e.g. the Music Manager, so I would like to report that as well.

                    – Paddy Landau
                    14 hours ago











                    9














                    Looks like Google's signing keys expired. Be patient and wait for them to fix them (which may or may not require re-adding the key after they fixed it).






                    share|improve this answer



























                      9














                      Looks like Google's signing keys expired. Be patient and wait for them to fix them (which may or may not require re-adding the key after they fixed it).






                      share|improve this answer

























                        9












                        9








                        9







                        Looks like Google's signing keys expired. Be patient and wait for them to fix them (which may or may not require re-adding the key after they fixed it).






                        share|improve this answer













                        Looks like Google's signing keys expired. Be patient and wait for them to fix them (which may or may not require re-adding the key after they fixed it).







                        share|improve this answer












                        share|improve this answer



                        share|improve this answer










                        answered Apr 12 at 8:10









                        paed808paed808

                        404310




                        404310





















                            1














                            For anyone not patient enough for google to update cert...



                            you can fix this with the following steps :



                            1. Download this : https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

                            (chrome new version, you can get it yourself by googling chrome)



                            1. Close Chrome.

                            2. Open "Software and Sources", go to the "Sources" tab

                            3. Remove (or disable if you wish to re-enable it at a later time) the Google source (type your password) and close the window

                            4. Allow "Software and Sources" to reload sources

                            5. Go into Software Center, go to "Installed"

                            6. Find Chrome, uninstall it.

                            7. Close software and sources


                            8. Open a terminal, type :



                              sudo apt update && sudo apt autoremove -y && sudo apt autoclean && sudo apt full-upgrade -y



                            9. Close the terminal and go to your downloads folder and double click the file "google-chrome-stable_current_amd64.deb" (this will open Software Center)


                            10. Click Install

                            you can now open chrome back up. all your tabs and saved passwords ect are still there.






                            share|improve this answer

























                            • @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

                              – tatsu
                              Apr 12 at 16:31















                            1














                            For anyone not patient enough for google to update cert...



                            you can fix this with the following steps :



                            1. Download this : https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

                            (chrome new version, you can get it yourself by googling chrome)



                            1. Close Chrome.

                            2. Open "Software and Sources", go to the "Sources" tab

                            3. Remove (or disable if you wish to re-enable it at a later time) the Google source (type your password) and close the window

                            4. Allow "Software and Sources" to reload sources

                            5. Go into Software Center, go to "Installed"

                            6. Find Chrome, uninstall it.

                            7. Close software and sources


                            8. Open a terminal, type :



                              sudo apt update && sudo apt autoremove -y && sudo apt autoclean && sudo apt full-upgrade -y



                            9. Close the terminal and go to your downloads folder and double click the file "google-chrome-stable_current_amd64.deb" (this will open Software Center)


                            10. Click Install

                            you can now open chrome back up. all your tabs and saved passwords ect are still there.






                            share|improve this answer

























                            • @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

                              – tatsu
                              Apr 12 at 16:31













                            1












                            1








                            1







                            For anyone not patient enough for google to update cert...



                            you can fix this with the following steps :



                            1. Download this : https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

                            (chrome new version, you can get it yourself by googling chrome)



                            1. Close Chrome.

                            2. Open "Software and Sources", go to the "Sources" tab

                            3. Remove (or disable if you wish to re-enable it at a later time) the Google source (type your password) and close the window

                            4. Allow "Software and Sources" to reload sources

                            5. Go into Software Center, go to "Installed"

                            6. Find Chrome, uninstall it.

                            7. Close software and sources


                            8. Open a terminal, type :



                              sudo apt update && sudo apt autoremove -y && sudo apt autoclean && sudo apt full-upgrade -y



                            9. Close the terminal and go to your downloads folder and double click the file "google-chrome-stable_current_amd64.deb" (this will open Software Center)


                            10. Click Install

                            you can now open chrome back up. all your tabs and saved passwords ect are still there.






                            share|improve this answer















                            For anyone not patient enough for google to update cert...



                            you can fix this with the following steps :



                            1. Download this : https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

                            (chrome new version, you can get it yourself by googling chrome)



                            1. Close Chrome.

                            2. Open "Software and Sources", go to the "Sources" tab

                            3. Remove (or disable if you wish to re-enable it at a later time) the Google source (type your password) and close the window

                            4. Allow "Software and Sources" to reload sources

                            5. Go into Software Center, go to "Installed"

                            6. Find Chrome, uninstall it.

                            7. Close software and sources


                            8. Open a terminal, type :



                              sudo apt update && sudo apt autoremove -y && sudo apt autoclean && sudo apt full-upgrade -y



                            9. Close the terminal and go to your downloads folder and double click the file "google-chrome-stable_current_amd64.deb" (this will open Software Center)


                            10. Click Install

                            you can now open chrome back up. all your tabs and saved passwords ect are still there.







                            share|improve this answer














                            share|improve this answer



                            share|improve this answer








                            edited 2 days ago

























                            answered Apr 12 at 13:35









                            tatsutatsu

                            718734




                            718734












                            • @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

                              – tatsu
                              Apr 12 at 16:31

















                            • @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

                              – tatsu
                              Apr 12 at 16:31
















                            @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

                            – tatsu
                            Apr 12 at 16:31





                            @CarlosAlbertoSilveiradeAnd said "Great!!, work for me! Thanks" but as an edit to my post because he doesn't know how to use this site yet.... I'm adding it so people know it worked for someone.

                            – tatsu
                            Apr 12 at 16:31











                            0














                            You don't. You must wait for Google to renew their keys and for an update.



                            The important message is:




                            The following signatures were invalid: EXPKEYSIG 1397BC53640DB551
                            Google Inc. (Linux Packages Signing Authority)




                            It means that the cryptographic signature is invalid. The source of this can be an attack, a misconfiguration, or other kind of technical problem. Forcing your system to update will result in running an unverified version of your web browser, which can expose you to a lot of security troubles.



                            source






                            share|improve this answer








                            New contributor




                            sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                            Check out our Code of Conduct.
























                              0














                              You don't. You must wait for Google to renew their keys and for an update.



                              The important message is:




                              The following signatures were invalid: EXPKEYSIG 1397BC53640DB551
                              Google Inc. (Linux Packages Signing Authority)




                              It means that the cryptographic signature is invalid. The source of this can be an attack, a misconfiguration, or other kind of technical problem. Forcing your system to update will result in running an unverified version of your web browser, which can expose you to a lot of security troubles.



                              source






                              share|improve this answer








                              New contributor




                              sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.






















                                0












                                0








                                0







                                You don't. You must wait for Google to renew their keys and for an update.



                                The important message is:




                                The following signatures were invalid: EXPKEYSIG 1397BC53640DB551
                                Google Inc. (Linux Packages Signing Authority)




                                It means that the cryptographic signature is invalid. The source of this can be an attack, a misconfiguration, or other kind of technical problem. Forcing your system to update will result in running an unverified version of your web browser, which can expose you to a lot of security troubles.



                                source






                                share|improve this answer








                                New contributor




                                sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                Check out our Code of Conduct.










                                You don't. You must wait for Google to renew their keys and for an update.



                                The important message is:




                                The following signatures were invalid: EXPKEYSIG 1397BC53640DB551
                                Google Inc. (Linux Packages Signing Authority)




                                It means that the cryptographic signature is invalid. The source of this can be an attack, a misconfiguration, or other kind of technical problem. Forcing your system to update will result in running an unverified version of your web browser, which can expose you to a lot of security troubles.



                                source







                                share|improve this answer








                                New contributor




                                sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                Check out our Code of Conduct.









                                share|improve this answer



                                share|improve this answer






                                New contributor




                                sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                Check out our Code of Conduct.









                                answered Apr 12 at 17:03









                                sxnsxn

                                11




                                11




                                New contributor




                                sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                Check out our Code of Conduct.





                                New contributor





                                sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                Check out our Code of Conduct.






                                sxn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                Check out our Code of Conduct.





















                                    0














                                    Google needs to update there GPG key. You can however mark the deb source as trusted, until Google renews their key:




                                    1. cd /var/lib/apt/lists

                                    2. sudo rm
                                      dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages
                                      dl.google.com_linux_chrome_deb_dists_stable_Release
                                      dl.google.com_linux_chrome_deb_dists_stable_Release.gpg


                                    3. add trusted=yes in your /etc/apt/sources.list.d/google-chrome.list file, for it to look like this: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main


                                    4. apt clean


                                    5. apt update


                                    You still get an invalid GPG error, but you can ignore it for now.



                                    NOTE: Be careful as this may bring security issues, on non trusted networks, when no https is used in the deb source link.



                                    EDIT: GPG warning no longer appears. Google has renewed their key. If you followed the solution above, just remove the trusted=yes part, then apt clean & finally apt update. You should no longer see any error :D






                                    share|improve this answer




















                                    • 2





                                      Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

                                      – Oli
                                      Apr 12 at 12:51






                                    • 2





                                      You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

                                      – Oli
                                      Apr 12 at 13:29






                                    • 1





                                      Indeed. Thanks for the explanation

                                      – Dimitris Moraitidis
                                      Apr 12 at 13:39






                                    • 2





                                      Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

                                      – link_boy
                                      Apr 12 at 14:27







                                    • 1





                                      Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

                                      – Dimitris Moraitidis
                                      Apr 12 at 14:33















                                    0














                                    Google needs to update there GPG key. You can however mark the deb source as trusted, until Google renews their key:




                                    1. cd /var/lib/apt/lists

                                    2. sudo rm
                                      dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages
                                      dl.google.com_linux_chrome_deb_dists_stable_Release
                                      dl.google.com_linux_chrome_deb_dists_stable_Release.gpg


                                    3. add trusted=yes in your /etc/apt/sources.list.d/google-chrome.list file, for it to look like this: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main


                                    4. apt clean


                                    5. apt update


                                    You still get an invalid GPG error, but you can ignore it for now.



                                    NOTE: Be careful as this may bring security issues, on non trusted networks, when no https is used in the deb source link.



                                    EDIT: GPG warning no longer appears. Google has renewed their key. If you followed the solution above, just remove the trusted=yes part, then apt clean & finally apt update. You should no longer see any error :D






                                    share|improve this answer




















                                    • 2





                                      Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

                                      – Oli
                                      Apr 12 at 12:51






                                    • 2





                                      You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

                                      – Oli
                                      Apr 12 at 13:29






                                    • 1





                                      Indeed. Thanks for the explanation

                                      – Dimitris Moraitidis
                                      Apr 12 at 13:39






                                    • 2





                                      Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

                                      – link_boy
                                      Apr 12 at 14:27







                                    • 1





                                      Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

                                      – Dimitris Moraitidis
                                      Apr 12 at 14:33













                                    0












                                    0








                                    0







                                    Google needs to update there GPG key. You can however mark the deb source as trusted, until Google renews their key:




                                    1. cd /var/lib/apt/lists

                                    2. sudo rm
                                      dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages
                                      dl.google.com_linux_chrome_deb_dists_stable_Release
                                      dl.google.com_linux_chrome_deb_dists_stable_Release.gpg


                                    3. add trusted=yes in your /etc/apt/sources.list.d/google-chrome.list file, for it to look like this: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main


                                    4. apt clean


                                    5. apt update


                                    You still get an invalid GPG error, but you can ignore it for now.



                                    NOTE: Be careful as this may bring security issues, on non trusted networks, when no https is used in the deb source link.



                                    EDIT: GPG warning no longer appears. Google has renewed their key. If you followed the solution above, just remove the trusted=yes part, then apt clean & finally apt update. You should no longer see any error :D






                                    share|improve this answer















                                    Google needs to update there GPG key. You can however mark the deb source as trusted, until Google renews their key:




                                    1. cd /var/lib/apt/lists

                                    2. sudo rm
                                      dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages
                                      dl.google.com_linux_chrome_deb_dists_stable_Release
                                      dl.google.com_linux_chrome_deb_dists_stable_Release.gpg


                                    3. add trusted=yes in your /etc/apt/sources.list.d/google-chrome.list file, for it to look like this: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main


                                    4. apt clean


                                    5. apt update


                                    You still get an invalid GPG error, but you can ignore it for now.



                                    NOTE: Be careful as this may bring security issues, on non trusted networks, when no https is used in the deb source link.



                                    EDIT: GPG warning no longer appears. Google has renewed their key. If you followed the solution above, just remove the trusted=yes part, then apt clean & finally apt update. You should no longer see any error :D







                                    share|improve this answer














                                    share|improve this answer



                                    share|improve this answer








                                    edited Apr 12 at 20:40

























                                    answered Apr 12 at 10:00









                                    Dimitris MoraitidisDimitris Moraitidis

                                    386




                                    386







                                    • 2





                                      Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

                                      – Oli
                                      Apr 12 at 12:51






                                    • 2





                                      You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

                                      – Oli
                                      Apr 12 at 13:29






                                    • 1





                                      Indeed. Thanks for the explanation

                                      – Dimitris Moraitidis
                                      Apr 12 at 13:39






                                    • 2





                                      Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

                                      – link_boy
                                      Apr 12 at 14:27







                                    • 1





                                      Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

                                      – Dimitris Moraitidis
                                      Apr 12 at 14:33












                                    • 2





                                      Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

                                      – Oli
                                      Apr 12 at 12:51






                                    • 2





                                      You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

                                      – Oli
                                      Apr 12 at 13:29






                                    • 1





                                      Indeed. Thanks for the explanation

                                      – Dimitris Moraitidis
                                      Apr 12 at 13:39






                                    • 2





                                      Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

                                      – link_boy
                                      Apr 12 at 14:27







                                    • 1





                                      Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

                                      – Dimitris Moraitidis
                                      Apr 12 at 14:33







                                    2




                                    2





                                    Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

                                    – Oli
                                    Apr 12 at 12:51





                                    Don't do this. If for no other reason than the source being unencrypted. If you did this, forgot all about it and then strayed onto a bad network, it could easily intercept and subvert the Release, packages.list, and therefore essentially run anything it liked as root on your computer. It's not a good idea.

                                    – Oli
                                    Apr 12 at 12:51




                                    2




                                    2





                                    You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

                                    – Oli
                                    Apr 12 at 13:29





                                    You've missed my point. If somebody can intercept your network traffic, they can pretend to be Google. There's no TLS on a http:// connection. Normally Apt has your back here because they check that all release and package lists are signed. If you intercepted this normally —and maliciously changed something— you'd see a signing error. You're bypassing that whole mechanism here.

                                    – Oli
                                    Apr 12 at 13:29




                                    1




                                    1





                                    Indeed. Thanks for the explanation

                                    – Dimitris Moraitidis
                                    Apr 12 at 13:39





                                    Indeed. Thanks for the explanation

                                    – Dimitris Moraitidis
                                    Apr 12 at 13:39




                                    2




                                    2





                                    Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

                                    – link_boy
                                    Apr 12 at 14:27






                                    Agreed, but you can temporarily just make it https with trusted=yes (for now, assuming you're not being TLS MiTM). For example: deb [arch=amd64, trusted=yes] https://dl.google.com/linux/chrome/deb/ stable main

                                    – link_boy
                                    Apr 12 at 14:27





                                    1




                                    1





                                    Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

                                    – Dimitris Moraitidis
                                    Apr 12 at 14:33





                                    Also indeed. So I guess my recent edit, I should at least go back to 0 instead of -2 :P

                                    – Dimitris Moraitidis
                                    Apr 12 at 14:33











                                    0














                                    Looks like, as @DooMMasteR said, Google let signing cert expire for their Linux repositories, which due date was April 12th. @yareckon explained that this apt security error is working as expected to prevent badly signed software being installed.



                                    9 hours after the issue was posted, Google fixed certs transparently for the users using Google Chrome repo. The error stopped after they renewed the certs, progressively also on the rest of Google owned repos (Google Earth, Google Music Manager...).



                                    No action is needed (and recommended) from users side, just waiting for the repos in use to be signed with renewed keys.






                                    share|improve this answer



























                                      0














                                      Looks like, as @DooMMasteR said, Google let signing cert expire for their Linux repositories, which due date was April 12th. @yareckon explained that this apt security error is working as expected to prevent badly signed software being installed.



                                      9 hours after the issue was posted, Google fixed certs transparently for the users using Google Chrome repo. The error stopped after they renewed the certs, progressively also on the rest of Google owned repos (Google Earth, Google Music Manager...).



                                      No action is needed (and recommended) from users side, just waiting for the repos in use to be signed with renewed keys.






                                      share|improve this answer

























                                        0












                                        0








                                        0







                                        Looks like, as @DooMMasteR said, Google let signing cert expire for their Linux repositories, which due date was April 12th. @yareckon explained that this apt security error is working as expected to prevent badly signed software being installed.



                                        9 hours after the issue was posted, Google fixed certs transparently for the users using Google Chrome repo. The error stopped after they renewed the certs, progressively also on the rest of Google owned repos (Google Earth, Google Music Manager...).



                                        No action is needed (and recommended) from users side, just waiting for the repos in use to be signed with renewed keys.






                                        share|improve this answer













                                        Looks like, as @DooMMasteR said, Google let signing cert expire for their Linux repositories, which due date was April 12th. @yareckon explained that this apt security error is working as expected to prevent badly signed software being installed.



                                        9 hours after the issue was posted, Google fixed certs transparently for the users using Google Chrome repo. The error stopped after they renewed the certs, progressively also on the rest of Google owned repos (Google Earth, Google Music Manager...).



                                        No action is needed (and recommended) from users side, just waiting for the repos in use to be signed with renewed keys.







                                        share|improve this answer












                                        share|improve this answer



                                        share|improve this answer










                                        answered 2 days ago









                                        LeoLeo

                                        3,05311232




                                        3,05311232





















                                            0














                                            April 15, and I'm still getting this error with the Google Earth and Music Manager repositories. They sure are taking their sweet time with this.






                                            share|improve this answer



























                                              0














                                              April 15, and I'm still getting this error with the Google Earth and Music Manager repositories. They sure are taking their sweet time with this.






                                              share|improve this answer

























                                                0












                                                0








                                                0







                                                April 15, and I'm still getting this error with the Google Earth and Music Manager repositories. They sure are taking their sweet time with this.






                                                share|improve this answer













                                                April 15, and I'm still getting this error with the Google Earth and Music Manager repositories. They sure are taking their sweet time with this.







                                                share|improve this answer












                                                share|improve this answer



                                                share|improve this answer










                                                answered 6 hours ago









                                                MikeFMikeF

                                                162




                                                162















                                                    protected by Community Apr 12 at 17:03



                                                    Thank you for your interest in this question.
                                                    Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).



                                                    Would you like to answer one of these unanswered questions instead?



                                                    Popular posts from this blog

                                                    Tamil (spriik) Luke uk diar | Nawigatjuun

                                                    Align equal signs while including text over equalitiesAMS align: left aligned text/math plus multicolumn alignmentMultiple alignmentsAligning equations in multiple placesNumbering and aligning an equation with multiple columnsHow to align one equation with another multline equationUsing \ in environments inside the begintabularxNumber equations and preserving alignment of equal signsHow can I align equations to the left and to the right?Double equation alignment problem within align enviromentAligned within align: Why are they right-aligned?

                                                    Training a classifier when some of the features are unknownWhy does Gradient Boosting regression predict negative values when there are no negative y-values in my training set?How to improve an existing (trained) classifier?What is effect when I set up some self defined predisctor variables?Why Matlab neural network classification returns decimal values on prediction dataset?Fitting and transforming text data in training, testing, and validation setsHow to quantify the performance of the classifier (multi-class SVM) using the test data?How do I control for some patients providing multiple samples in my training data?Training and Test setTraining a convolutional neural network for image denoising in MatlabShouldn't an autoencoder with #(neurons in hidden layer) = #(neurons in input layer) be “perfect”?