I recently started having a similar issue with gpg verification failed only on select modules. On investigation (with lots of help from the form posts) I have narrowed it down to those modules that are signed by the key " 69D2EAD9" which seems to have expired.
Running the command to refresh the keys I get the following:
$ gpg --refresh-keys --keyserver pgp.mit.edu
gpg: refreshing 3 keys from hkp://pgp.mit.edu
gpg: requesting key FE6D84F7 from hkp server pgp.mit.edu
gpg: requesting key 69D2EAD9 from hkp server pgp.mit.edu
gpg: requesting key B33B4659 from hkp server pgp.mit.edu
gpg: key FE6D84F7: “FreePBX Mirror 1 (Module Signing - 2016/2017) security.at.freepbx.org” not changed
gpg: key 69D2EAD9: “FreePBX Mirror 1 (Module Signing - 2014/2015) <security.at.freepbx.org>” not changed
gpg: key B33B4659: “FreePBX Module Signing (This is the master key to sign FreePBX Modules) <modules.at.freepbx.org>” not changed
gpg: Total number processed: 3
gpg: unchanged: 3
I am running freepbx 13 with asterisk 13.9.1 on ubuntu 14.04.
Please help. The specific modules are core & ucp that I have researched.
The thing is the key actually hasn’t expired. We extended the key out until infinity. However what is happening is that your system is not updating the keys. From what you showed me above you only ran that as root. Which isn’t helpful. You need to run it as the Asterisk user. See the valid response below:
[root@ucc-xxxxx ~]# su asterisk
bash-4.1$ gpg --refresh-keys --keyserver pgp.mit.edu
gpg: refreshing 2 keys from hkp://pgp.mit.edu
gpg: requesting key 69D2EAD9 from hkp server pgp.mit.edu
gpg: requesting key B33B4659 from hkp server pgp.mit.edu
gpg: key 69D2EAD9: "FreePBX Mirror 1 (Module Signing - 2014/2015) <[email protected]>" not changed
gpg: key B33B4659: "FreePBX Module Signing (This is the master key to sign FreePBX Modules) <[email protected]>" not changed
gpg: Total number processed: 2
gpg: unchanged: 2
Thanks for the information. I did run run this as asterisk user too - redo shown below
asterisk@pas0:~$ gpg --refresh-keys --keyserver pgp.mit.edu
gpg: refreshing 3 keys from hkp://pgp.mit.edu
gpg: requesting key B33B4659 from hkp server pgp.mit.edu
gpg: requesting key FE6D84F7 from hkp server pgp.mit.edu
gpg: requesting key 69D2EAD9 from hkp server pgp.mit.edu
gpg: key B33B4659: “FreePBX Module Signing (This is the master key to sign FreePBX Modules) <modules.at.freepbx.org>” not changed
gpg: key FE6D84F7: “FreePBX Mirror 1 (Module Signing - 2016/2017) <security.at.freepbx.org>” not changed
gpg: key 69D2EAD9: “FreePBX Mirror 1 (Module Signing - 2014/2015) <security.at.freepbx.org>” not changed
gpg: Total number processed: 3
gpg: unchanged: 3
asterisk@pas0:~$ whoami
asterisk
asterisk@pas0:~$ fwconsole ma upgradeall
No repos specified, using: [standard,extended,unsupported] from last GUI settings
Upgrading: core, ucp
Upgrading core…
Starting core download…
Processing core
Downloading…
14802599/14802599 [============================] 100%
Finished downloading
The following error(s) occured:
File Integrity failed for /var/www/html/admin/modules/_cache/core-13.0.106.tgz.gpg - aborting (Cause: GPG took too long to run the command: [/usr/bin/gpg --homedir /var/lib/asterisk/.gnupg --no-permission-warning --keyserver-options auto-key-retrieve=true,timeout=5 --status-fd 3 --verify /var/www/html/admin/modules/_cache/core-13.0.106.tgz.gpg])
Once again thanks for your response. Yes this has been the issue all the time. The server is implemented as a VM on Intel® Xeon® CPU E5-2670 0 @ 2.60GHz platform using VMWare ESXi hypervisor.