Workspace installation fails because repositories are not signed

Good morning,

trying to install onlyoffice workspace following document provided here:

https://helpcenter.onlyoffice.com/installation/workspace-install-linux.aspx

Installation fails because repository is not signed; what’s going on??

An installation script must import necessary signatures or you must provide enough instruction to import signatures by hand!

It’s one week I’m trying to install onlyoffice, from a proxied host first now from an exposed host to avoid proxing issues but NO WAY: Only office appear a poor and badly maintained product! Even on your answer where you don’t know how to setup workspace behind a proxy you evidence no knowledge about what you’re selling!

This is the last chance, then I don’t want to spend more time!!

# ./workspace-install.sh 
Select 'Y' to install ONLYOFFICE using Docker (recommended). Select 'N' to install it using RPM/DEB packages.
Please note, that in case you select RPM/DEB installation, you will need to manually install Mail Server and connect it to your ONLYOFFICE installation.
See instructions in our Help Center: http://helpcenter.onlyoffice.com/server/docker/mail/connect-mail-server-to-community-server-via-portal-settings.aspx
Install with Docker [Y/N/C]? n
Get:1 http://download.onlyoffice.com/repo/debian squeeze InRelease [10.7 kB]
Hit:2 http://deb.debian.org/debian bullseye InRelease                   
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Err:1 http://download.onlyoffice.com/repo/debian squeeze InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8320CA65CB2DE8E5
Hit:4 http://security.debian.org/debian-security bullseye-security InRelease
Reading package lists... Done              
W: GPG error: http://download.onlyoffice.com/repo/debian squeeze InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8320CA65CB2DE8E5
E: The repository 'http://download.onlyoffice.com/repo/debian squeeze InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Hello @fpiraneo

We are aware of this issue. However, it is not completely related to us: from time to time Ubuntu key server rejects requests on obtaining the key and thus resulting in this error. Currently, it may take multiple attempts to successfully send the request and get the GPG key so it is recommended to run the installation script few times to get it working.
We are working on relocation of the keys to our repositories and updating the installation script. Due to high load of tasks it may take some time until the issue is finally resolved.

Please accept our sincere apologies for the inconvenience caused.

Hi @Constantine ,

  1. Is CentOS installation affected by the same issue?
  2. Can you provide a manual procedure to install the required keys? In such case I hope the installer script doesn’t fails because the repositories are already configured;
  3. What is the expected time to have this problem solved?

Finally, it worth mentioning this issue in the installation procedure you publish, just to avoid people lose their time (and their mind!).

HOWEVER IS NOT TIME TO TIME: It’s ALWAYS like that!!

Hello @fpiraneo

Sorry for the delayed response.

Unfortunately, RPM installation for CentOS is affected by this issue too.
We are planning to relocate keys to our repositories and fix the installation script during this week.
As for the manual installation of keys: this is very complicated procedure considering the fact that the installation goes via defined script and any changes without testing phase may break the script completely. As for now, I can confirm that within several attempts the script is capable of obtaining the keys.

This is an unexpected issue for us too, so right now we are completely revisiting the process of key verification to make sure that this issue will not happen in future again.

Hello
Any news on that ? I still have the error.

Hello @fpiraneo @hauhazice

We are about to release a new version of Community Server in 2-3 weeks so this issue with installation script will be fixed with this release too.

Please accept our apologies for the inconvenience caused.

Hello, is it the same trouble I have for onlyoffice.gpg when trying install a server onlyoffice ??
I have an error like this:

Info : [##########++........] > Install OnlyOffice...
Attention : gpg: clef 8320CA65CB2DE8E5 : clef publique « Ascensio System Limited (ONLYOFFICE) <support@onlyoffice.com> » importée
Attention : gpg:       Quantité totale traitée : 1
Attention : gpg:                     importées : 1
Attention : E: Failed to fetch https://download.onlyoffice.com/repo/debian/dists/[signed-by=/usr/share/keyrings/onlyoffice.gpg]/InRelease  403  Forbidden [IP: 13.225.34.77 443]
Attention : E: The repository 'https://download.onlyoffice.com/repo/debian [signed-by=/usr/share/keyrings/onlyoffice.gpg] InRelease' is not signed.

Hello @rodinux

It doesn’t seem to be the same issue.
I can see that you’ve create a separate thread with detailed explanation of the issue, please continue communication there.

hello I also present the same error of the take. when it will solve to be able to install in ubuntu thanks prompt response please.

Executing: /tmp/apt-key-gpghome.7U2dl6vPft/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5
gpg: keyserver receive failed: No keyserver available

Hello @rladino

The problem is related to the Ubuntu key server, it may take several attempts to successfully reach key server. Please try executing the script few more times until it reaches the server.

I try but it turns out the same, what other alternative do you recommend? does it work in docker?

Hello @rladino

The behavior may be different for each user. I cannot be sure about your case.
Please try using the script to install Workspace via Docker and provide us a feedback.

Same here. Waiting for new release.


Get:5 file:/var/cache/openmediavault/archives  Translation-cs
Ign:5 file:/var/cache/openmediavault/archives  Translation-cs
Get:6 file:/var/cache/openmediavault/archives  Translation-en_GB
Ign:6 file:/var/cache/openmediavault/archives  Translation-en_GB
Hit:7 http://httpredir.debian.org/debian bullseye-backports InRelease
Hit:8 http://deb.debian.org/debian bullseye InRelease
Hit:9 http://deb.debian.org/debian bullseye-updates InRelease
Get:10 http://download.onlyoffice.com/repo/debian squeeze InRelease [10.7 kB]
Hit:11 http://security.debian.org/debian-security bullseye-security InRelease
Hit:12 http://packages.openmediavault.org/public shaitan InRelease
Hit:13 https://openmediavault-plugin-developers.github.io/packages/debian shaitan InRelease
Hit:14 https://download.docker.com/linux/debian bullseye InRelease
Hit:15 https://openmediavault.github.io/packages shaitan InRelease
Err:10 http://download.onlyoffice.com/repo/debian squeeze InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8320CA65CB2DE8E5
Reading package lists... Done
W: GPG error: http://download.onlyoffice.com/repo/debian squeeze InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8320CA65CB2DE8E5
E: The repository 'http://download.onlyoffice.com/repo/debian squeeze InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

You can download the ONLYOFFICE GPG key from this URL:

https://download.onlyoffice.com/GPG-KEY-ONLYOFFICE

See the instructions on this page.