Nginx.org packages GPG key expiration & update

Hello,

As some might have noticed, the expiration date of the GPG key we use to
sign repos and packages for Linux distributions 1 was getting close
(2016-08-17), so I’ve prolonged the key validity until 2024-06-14. The
ID of the key stays the same.

If you’re using Debian/Ubuntu packages from nginx.org, you should
re-fetch and add the updated key to the APT keyring:

wget https://nginx.org/keys/nginx_signing.key && apt-key add

./nginx_signing.key

If you’re using CentOS/RHEL/SLES:

wget https://nginx.org/keys/nginx_signing.key && rpm --import

./nginx_signing.key

I’ve also uploaded the updated key to keys.gnupg.net/pgp.mit.edu, though
it might take some time for the pool to catch up on that change.

And finally for the sake of search engines visibility, here’s the apt
output Debian/Ubuntu users will see after 2016-08-17 with the old key:

W: GPG error: http://nginx.org jessie Release: The following signatures
were invalid: KEYEXPIRED 1471427554

Have a nice day,


Konstantin P.

Build & Deliver Applications, Flawlessly.
nginx.conf 2016: September 7-9, Austin, TX