I am a Spotify for Linux user. Ever since I got up this morning I have been getting an error from my update manager that Spotify's repo signing keys are expired. Anyone know what's going on? The error message I am getting is as follows:
"An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repository.spotify.com stable InRelease: The following signatures were invalid: EXPKEYSIG EFDC8610341D9410 Spotify Public Repository Signing Key <email@example.com>Failed to fetch http://repository.spotify.com/dists/stable/InRelease The following signatures were invalid: EXPKEYSIG EFDC8610341D9410 Spotify Public Repository Signing Key <firstname.lastname@example.org>Some index files failed to download. They have been ignored, or old ones used instead."
Solved! Go to Solution.
The repository is not signed with the key, that you've been told on https://www.spotify.com/de/download/linux/
At the moment, the repository is signed with 0x341d9410, you can see that on http://repository.spotify.com/dists/stable/InRelease
As you can see here: https://keyserver.ubuntu.com/pks/lookup?search=0x341D9410&op=vindex
the key expired today, thats why the key is no longer trusted.
As a user, you can deactivate the repository temporarily to avoid any error messages. To solve this problem, spotify has to change the signature key for the repository.