In this article, we will be discussing how to resolve the issue of invalid signatures for Skype on Ubuntu when using the apt upgrade command. This issue typically arises due to an expired key signature for the Skype Linux Client Repository. It’s a common problem that impacts all users of Skype on Ubuntu.
To fix invalid signatures for Skype on Ubuntu with apt upgrade, you can either use the apt-key command or manually add the new key to the keyring. The first solution is valid until Ubuntu 21.04, while the second solution is valid in Ubuntu 21.04 and future releases.
Understanding the Issue
When you run sudo apt update or sudo apt upgrade, you may encounter an error message that says something like “The following signatures were invalid: EXPKEYSIG B1F3045A5DF7587C3 Skype Linux Client Repository”. This error is caused by an expired key signature for the Skype Linux Client Repository.
Solution 1: Using the apt-key Command
This solution is valid until Ubuntu 21.04.
Step 1: Delete the Expired Key
The first step in resolving this issue is to delete the expired key. You can do this by running the following command:
sudo apt-key del 1F3045A5DF7587C3The del parameter is used to delete a key from the system’s keyring. In this case, 1F3045A5DF7587C3 is the ID of the expired key.
Step 2: Add the New Valid Key
Next, you need to add the new valid key. You can do this by running the following command:
curl https://repo.skype.com/data/SKYPE-GPG-KEY | sudo apt-key add -The curl command fetches the new key from the Skype repository. The | symbol pipes the output of the curl command (i.e., the new key) to the sudo apt-key add - command, which adds the new key to the system’s keyring.
Step 3: Update and Upgrade
Finally, run sudo apt update && sudo apt upgrade to check for any errors. The && operator ensures that the sudo apt upgrade command only runs if the sudo apt update command completes successfully.
Solution 2: Manual Keyring Addition
This solution is valid in Ubuntu 21.04 and future releases.
Step 1: Delete the Expired Key
As with the previous solution, the first step is to delete the expired key:
sudo apt-key del 1F3045A5DF7587C3Step 2: Download and Add the New Key to the Keyring
Next, download the new key and add it to the keyring:
curl https://repo.skype.com/data/SKYPE-GPG-KEY | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/skype-stable-archive-keyring.gpgThe gpg --dearmor command converts the key from ASCII armor format to binary format. The sudo tee command writes the binary key to the skype-stable-archive-keyring.gpg file in the /etc/apt/trusted.gpg.d/ directory.
Step 3: Modify the skype-stable.list File
Open the skype-stable.list file using the nano text editor:
sudo nano /etc/apt/sources.list.d/skype-stable.listModify the first line to include the new key:
deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/skype-stable-archive-keyring.gpg] https://repo.skype.com/deb stable mainThe signed-by option specifies the file that contains the key used to sign the repository.
Step 4: Update and Upgrade
Finally, run sudo apt update && sudo apt upgrade to check for any errors.
Conclusion
These solutions should help resolve the issue of invalid signatures for Skype on Ubuntu. However, since Microsoft is responsible for renewing the key, you may need to wait for them to update the necessary key signatures. If you continue to experience issues, consider reaching out to Microsoft’s support team for further assistance.
The apt-key command is used to manage the repository’s keyring, which contains the public keys used to verify the authenticity of packages in Ubuntu. It allows you to add, delete, or list keys in the keyring.
To delete an expired key using the apt-key command, you can run sudo apt-key del [key-id], where [key-id] is the ID of the expired key. For example, in the case of Skype, the command would be sudo apt-key del 1F3045A5DF7587C3.
To add a new valid key using the apt-key command, you can use the apt-key add - command along with the curl command to fetch the key from the repository. For example, in the case of Skype, the command would be curl https://repo.skype.com/data/SKYPE-GPG-KEY | sudo apt-key add -.
To manually add a key to the keyring, you can download the key using curl, convert it to binary format using gpg --dearmor, and then write it to a specific file in the /etc/apt/trusted.gpg.d/ directory using sudo tee. For example, in the case of Skype, the command would be curl https://repo.skype.com/data/SKYPE-GPG-KEY | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/skype-stable-archive-keyring.gpg.
You can modify the skype-stable.list file using a text editor such as nano. To open the file with nano, you can run sudo nano /etc/apt/sources.list.d/skype-stable.list. Once the file is open, you can make the necessary modifications and save the changes.
If the issue persists after following these solutions, it is recommended to reach out to Microsoft’s support team for further assistance. They will be able to provide specific guidance and troubleshooting steps for resolving the issue.
