Home / How to / The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository

The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository

I just tried to update one my Kali Virtual Machine and received the following error:

root@kali:~# 
root@kali:~# apt-get update
Get:1 http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease [30.5 kB]
Err:1 http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease
  The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
W: Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease  The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
W: Some index files failed to download. They have been ignored, or old ones used instead.
root@kali:~

The following signatures were invalid EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository - blackMORE Ops -3

It seems like the APT GPG Key expired. Searched around and the found that the following solution worked for most people:

root@kali:~# apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6
Executing: /tmp/apt-key-gpghome.Ze2Ri87qe6/gpg.1.sh --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6
gpg: key ED444FF07D8D0BF6: 133 signatures not checked due to missing keys
gpg: key ED444FF07D8D0BF6: "Kali Linux Repository <devel@kali.org>" 135 new signatures
gpg: Total number processed: 1
gpg:         new signatures: 135
root@kali:~#

The following signatures were invalid EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository - blackMORE Ops -4

After that, you simply try to run apt-get update and it should just work as normal.

The following signatures were invalid EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository - blackMORE Ops -1

Apparently the above solution didn’t work for few, here’s an alternative solution:

root@kali:~# wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
root@kali:~# apt install ./kali-archive-keyring_2018.1_all.deb

However, you need to ensure that your Kali Linux Repositories are correct, mine were as follows:

The following signatures were invalid EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository - blackMORE Ops -2

If you want a guide on how to fix you Kali Linux Official Repositories, follow this guide. Follow the Kali Rolling section.

Happy days!

5 comments

  1. thanks mate this works perfect

  2. second repair option worked great cheers

  3. Thanks a lot! Works great.

  4. (+1) The only one true answer for this COMMON problem.

Use WordPress.com, Twitter, Facebook, or Google+ accounts to comment (anonymous comments allowed)

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.