Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No trusted public keys found

    Scheduled Pinned Locked Moved General pfSense Questions
    20 Posts 4 Posters 3.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mloiterman
      last edited by

      I've recently upgraded from 2.5.2 to pfSense Plus 22.01 and my updates and packages are broken due to what appears to be a missing or incorrect key.

      When I try to install new packages the available packages list is empty and when I try to update (I know there aren't any, but just trying to figure out the problem) it says:

      Unable to check for updates

      22.01-RELEASE][root@pfsense.ascendencyhome.net]/usr/local/share/pfSense/keys/pkg/trusted: pkg-static update -f
      Updating pfSense-core repository catalogue...
      Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
      Fetching packagesite.pkg: 100%    2 KiB   1.7kB/s    00:01
      pkg-static: No trusted public keys found
      Unable to update repository pfSense-core
      Updating pfSense repository catalogue...
      Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
      Fetching packagesite.pkg: 100%  149 KiB 152.9kB/s    00:01
      pkg-static: No trusted public keys found
      Unable to update repository pfSense
      Error updating repositories!
      

      Keys appear to be present:

      [22.01-RELEASE][root@pfsense.ascendencyhome.net]/usr/local/share/pfSense/keys/pkg/trusted: ls -alh
      total 19
      drwxr-xr-x  2 root  wheel     5B Feb 14 19:26 .
      drwxr-xr-x  4 root  wheel     4B Feb  7 10:32 ..
      -rw-r--r--  1 root  wheel    95B Feb  7 10:32 beta.pfsense.org.20151223
      -rw-r--r--  1 root  wheel    95B Feb  7 10:32 pkg.pfsense.org.20160406
      -rw-r--r--  1 root  wheel    94B Feb 14 19:24 plus.pfsense.org.20220214
      

      What am I missing here?

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Try running pkg-static -d update to get more debug info.

        Steve

        M 1 Reply Last reply Reply Quote 0
        • M
          mloiterman @stephenw10
          last edited by mloiterman

          @stephenw10 said in No trusted public keys found:

          The signatures in the key files don't match what is on GitHub for 2.6. I don't know if that's correct because I'm on Plus or not. I can post them here (presumably they're public), but I don't know if that's acceptable or not...

          # pkg-static -d update
          DBG(1)[60044]> pkg initialized
          Updating pfSense-core repository catalogue...
          DBG(1)[60044]> PkgRepo: verifying update for pfSense-core
          DBG(1)[60044]> PkgRepo: need forced update of pfSense-core
          DBG(1)[60044]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
          DBG(1)[60044]> Request to fetch pkg+https://packages.netgate.com/pfSense_v2_6_0_amd64-core/meta.conf
          DBG(1)[60044]> opening libfetch fetcher
          DBG(1)[60044]> Fetch > libfetch: connecting
          DBG(1)[60044]> Fetch: fetching from: https://files00.netgate.com/pfSense_v2_6_0_amd64-core/meta.conf with opts "i"
          DBG(1)[60044]> Fetch: fetcher chosen: https
          Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
          DBG(1)[60044]> Request to fetch pkg+https://packages.netgate.com/pfSense_v2_6_0_amd64-core/packagesite.pkg
          DBG(1)[60044]> opening libfetch fetcher
          DBG(1)[60044]> Fetch > libfetch: connecting
          DBG(1)[60044]> Fetch: fetching from: https://files00.netgate.com/pfSense_v2_6_0_amd64-core/packagesite.pkg with opts "i"
          DBG(1)[60044]> Fetch: fetcher chosen: https
          Fetching packagesite.pkg: 100%    2 KiB   1.7kB/s    00:01
          DBG(1)[60044]> PkgRepo: extracting packagesite.yaml of repo pfSense-core
          DBG(1)[60254]> PkgRepo: extracting signature of repo in a sandbox
          pkg-static: No trusted public keys found
          Unable to update repository pfSense-core
          Updating pfSense repository catalogue...
          DBG(1)[60044]> PkgRepo: verifying update for pfSense
          DBG(1)[60044]> PkgRepo: need forced update of pfSense
          DBG(1)[60044]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
          DBG(1)[60044]> Request to fetch pkg+https://packages.netgate.com/pfSense_v2_6_0_amd64-pfSense_v2_6_0/meta.conf
          DBG(1)[60044]> opening libfetch fetcher
          DBG(1)[60044]> Fetch > libfetch: connecting
          DBG(1)[60044]> Fetch: fetching from: https://files01.netgate.com/pfSense_v2_6_0_amd64-pfSense_v2_6_0/meta.conf with opts "i"
          DBG(1)[60044]> Fetch: fetcher chosen: https
          Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
          DBG(1)[60044]> Request to fetch pkg+https://packages.netgate.com/pfSense_v2_6_0_amd64-pfSense_v2_6_0/packagesite.pkg
          DBG(1)[60044]> opening libfetch fetcher
          DBG(1)[60044]> Fetch > libfetch: connecting
          DBG(1)[60044]> Fetch: fetching from: https://files01.netgate.com/pfSense_v2_6_0_amd64-pfSense_v2_6_0/packagesite.pkg with opts "i"
          DBG(1)[60044]> Fetch: fetcher chosen: https
          Fetching packagesite.pkg: 100%  149 KiB 152.9kB/s    00:01
          DBG(1)[60044]> PkgRepo: extracting packagesite.yaml of repo pfSense
          DBG(1)[60259]> PkgRepo: extracting signature of repo in a sandbox
          pkg-static: No trusted public keys found
          Unable to update repository pfSense
          Error updating repositories!
          
          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Your pkg repo is still pointing at the 2.6 branch. If you do to the System > Update do you see 22.01 as the current version?

            Steve

            M 1 Reply Last reply Reply Quote 0
            • M
              mloiterman @stephenw10
              last edited by

              @stephenw10

              No, it still says 2.6 even though I have changed it and saved it multiple times.

              What's the best way to manually change it?

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Does it still show as registered in System > Register?

                What update branches is it offering you?

                Steve

                M 1 Reply Last reply Reply Quote 0
                • M
                  mloiterman @stephenw10
                  last edited by

                  @stephenw10

                  It's only showing 2.6

                  I had a system Register, but now it's gone.

                  I guess I'm going to have to reinstall?

                  Sigh...

                  M 1 Reply Last reply Reply Quote 0
                  • M
                    mloiterman @mloiterman
                    last edited by

                    I reinstalled, restored my configuration and then upgraded to plus. Everything appears to be working correctly now.

                    1 Reply Last reply Reply Quote 1
                    • N
                      ns
                      last edited by

                      I'm hitting the same issue after switching to pfsense+, hoping I can try some other troubleshooting techniques before doing a wipe/reload.

                      [22.01-RELEASE][admin@localdomain]/root: pkg-static -d update
                      DBG(1)[34629]> pkg initialized
                      Updating pfSense-core repository catalogue...
                      DBG(1)[34629]> PkgRepo: verifying update for pfSense-core
                      DBG(1)[34629]> PkgRepo: need forced update of pfSense-core
                      DBG(1)[34629]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
                      DBG(1)[34629]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_master_amd64-core/meta.conf
                      DBG(1)[34629]> opening libfetch fetcher
                      DBG(1)[34629]> Fetch > libfetch: connecting
                      DBG(1)[34629]> Fetch: fetching from: https://files01.netgate.com/packages/pfSense_master_amd64-core/meta.conf with opts "i"
                      DBG(1)[34629]> Fetch: fetcher chosen: https
                      Fetching meta.conf: 100% 163 B 0.2kB/s 00:01
                      DBG(1)[34629]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_master_amd64-core/packagesite.pkg
                      DBG(1)[34629]> opening libfetch fetcher
                      DBG(1)[34629]> Fetch > libfetch: connecting
                      DBG(1)[34629]> Fetch: fetching from: https://files01.netgate.com/packages/pfSense_master_amd64-core/packagesite.pkg with opts "i"
                      DBG(1)[34629]> Fetch: fetcher chosen: https
                      Fetching packagesite.pkg: 100% 2 KiB 1.8kB/s 00:01
                      DBG(1)[34629]> PkgRepo: extracting packagesite.yaml of repo pfSense-core
                      DBG(1)[34843]> PkgRepo: extracting signature of repo in a sandbox
                      pkg-static: No trusted public keys found
                      Unable to update repository pfSense-core
                      Updating pfSense repository catalogue...
                      DBG(1)[34629]> PkgRepo: verifying update for pfSense
                      DBG(1)[34629]> PkgRepo: need forced update of pfSense
                      DBG(1)[34629]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
                      DBG(1)[34629]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_master_amd64-pfSense_devel/meta.conf
                      DBG(1)[34629]> opening libfetch fetcher
                      DBG(1)[34629]> Fetch > libfetch: connecting
                      DBG(1)[34629]> Fetch: fetching from: https://files00.netgate.com/packages/pfSense_master_amd64-pfSense_devel/meta.conf with opts "i"
                      DBG(1)[34629]> Fetch: fetcher chosen: https
                      Fetching meta.conf: 100% 163 B 0.2kB/s 00:01
                      DBG(1)[34629]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_master_amd64-pfSense_devel/packagesite.pkg
                      DBG(1)[34629]> opening libfetch fetcher
                      DBG(1)[34629]> Fetch > libfetch: connecting
                      DBG(1)[34629]> Fetch: fetching from: https://files00.netgate.com/packages/pfSense_master_amd64-pfSense_devel/packagesite.pkg with opts "i"
                      DBG(1)[34629]> Fetch: fetcher chosen: https
                      Fetching packagesite.pkg: 100% 152 KiB 155.7kB/s 00:01
                      DBG(1)[34629]> PkgRepo: extracting packagesite.yaml of repo pfSense
                      DBG(1)[35151]> PkgRepo: extracting signature of repo in a sandbox
                      pkg-static: No trusted public keys found
                      Unable to update repository pfSense
                      Error updating repositories!

                      GertjanG 1 Reply Last reply Reply Quote 0
                      • GertjanG
                        Gertjan @ns
                        last edited by

                        @ns

                        The system time is ok ?

                        No "help me" PM's please. Use the forum, the community will thank you.
                        Edit : and where are the logs ??

                        N 1 Reply Last reply Reply Quote 0
                        • N
                          ns @Gertjan
                          last edited by

                          @gertjan Indeed: Current date/time
                          Fri Sep 16 10:36:35 EDT 2022

                          I have tried switching different update branches from the UI, same results.

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S
                            stephenw10 Netgate Administrator
                            last edited by

                            What branch do you have selected?

                            Looks like you might be trying to hit the dev branch which would be 22.09/22.11 at this point. Make sure you're set to latest stable to see 22.05.

                            Steve

                            N 1 Reply Last reply Reply Quote 0
                            • N
                              ns @stephenw10
                              last edited by

                              @stephenw10 I get the same results from all branches; here's the output from 2.6.0
                              pkg-static -d update
                              DBG(1)[9368]> pkg initialized
                              Updating pfSense-core repository catalogue...
                              DBG(1)[9368]> PkgRepo: verifying update for pfSense-core
                              DBG(1)[9368]> PkgRepo: need forced update of pfSense-core
                              DBG(1)[9368]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
                              DBG(1)[9368]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_6_0_amd64-core/meta.conf
                              DBG(1)[9368]> opening libfetch fetcher
                              DBG(1)[9368]> Fetch > libfetch: connecting
                              DBG(1)[9368]> Fetch: fetching from: https://pkg01-atx.netgate.com/pfSense_v2_6_0_amd64-core/meta.conf with opts "i"
                              DBG(1)[9368]> Fetch: fetcher chosen: https
                              Fetching meta.conf: 100% 163 B 0.2kB/s 00:01
                              DBG(1)[9368]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_6_0_amd64-core/packagesite.pkg
                              DBG(1)[9368]> opening libfetch fetcher
                              DBG(1)[9368]> Fetch > libfetch: connecting
                              DBG(1)[9368]> Fetch: fetching from: https://pkg01-atx.netgate.com/pfSense_v2_6_0_amd64-core/packagesite.pkg with opts "i"
                              DBG(1)[9368]> Fetch: fetcher chosen: https
                              Fetching packagesite.pkg: 100% 2 KiB 1.7kB/s 00:01
                              DBG(1)[9368]> PkgRepo: extracting packagesite.yaml of repo pfSense-core
                              DBG(1)[9600]> PkgRepo: extracting signature of repo in a sandbox
                              pkg-static: No trusted public keys found
                              Unable to update repository pfSense-core
                              Updating pfSense repository catalogue...
                              DBG(1)[9368]> PkgRepo: verifying update for pfSense
                              DBG(1)[9368]> PkgRepo: need forced update of pfSense
                              DBG(1)[9368]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
                              DBG(1)[9368]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_6_0_amd64-pfSense_v2_6_0/meta.conf
                              DBG(1)[9368]> opening libfetch fetcher
                              DBG(1)[9368]> Fetch > libfetch: connecting
                              DBG(1)[9368]> Fetch: fetching from: https://pkg00-atx.netgate.com/pfSense_v2_6_0_amd64-pfSense_v2_6_0/meta.conf with opts "i"
                              DBG(1)[9368]> Fetch: fetcher chosen: https
                              Fetching meta.conf: 100% 163 B 0.2kB/s 00:01
                              DBG(1)[9368]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_6_0_amd64-pfSense_v2_6_0/packagesite.pkg
                              DBG(1)[9368]> opening libfetch fetcher
                              DBG(1)[9368]> Fetch > libfetch: connecting
                              DBG(1)[9368]> Fetch: fetching from: https://pkg00-atx.netgate.com/pfSense_v2_6_0_amd64-pfSense_v2_6_0/packagesite.pkg with opts "i"
                              DBG(1)[9368]> Fetch: fetcher chosen: https
                              Fetching packagesite.pkg: 100% 149 KiB 153.0kB/s 00:01
                              DBG(1)[9368]> PkgRepo: extracting packagesite.yaml of repo pfSense
                              DBG(1)[9650]> PkgRepo: extracting signature of repo in a sandbox
                              pkg-static: No trusted public keys found
                              Unable to update repository pfSense
                              Error updating repositories!

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S
                                stephenw10 Netgate Administrator
                                last edited by

                                Hmm, you were running 22.01 and trying to upgrade to 22.05 I assume?

                                You shouldn't be seeing 2.6 as an available branch at all.

                                What i the history on that install?

                                N 1 Reply Last reply Reply Quote 0
                                • N
                                  ns @stephenw10
                                  last edited by

                                  @stephenw10 I went from the 2.7.0 (last nightly from 8/30 IIRC) to Pfsense+ 😟

                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10S
                                    stephenw10 Netgate Administrator
                                    last edited by

                                    Ah, OK. Yes, that's not (yet) a supported upgrade path. Curently you can only upgrade between 2.6 and 22.01. You can then update to 22.05.

                                    Are you able to re-install clean? That's probably going to be the quickest way back.

                                    Otherwise try running freebsd-version -kru and uname -a to see what you have ended up with.

                                    N 1 Reply Last reply Reply Quote 0
                                    • N
                                      ns @stephenw10
                                      last edited by

                                      @stephenw10 said in No trusted public keys found:

                                      Wipe and reload is going to be a pita, but one that I forced on myself, this sucker is remote.

                                      Here's the output(s):

                                      uname -a

                                      freebsd-version -kru
                                      12.3-STABLE
                                      12.3-STABLE
                                      12.3-STABLE

                                      uname -a
                                      FreeBSD a.localdomain 12.3-STABLE FreeBSD 12.3-STABLE plus-RELENG_22_01-n202637-97cc5c23e13 pfSense amd64

                                      1 Reply Last reply Reply Quote 0
                                      • stephenw10S
                                        stephenw10 Netgate Administrator
                                        last edited by

                                        Ok, the latest stable repo branch is showing 22.01 or 2.6?

                                        It needs to be 22.01. If it is then I would first try this:
                                        https://docs.netgate.com/pfsense/en/latest/troubleshooting/upgrades.html#upgrade-not-offered-library-errors

                                        N 1 Reply Last reply Reply Quote 0
                                        • N
                                          ns @stephenw10
                                          last edited by

                                          @stephenw10 pulling the keys from git looks like it resolved the key issue. I'm somewhere between the CE>+ migration, but at least the FW is running. I'll leave it like this for the time being. Thank you for the assistance.

                                          1 Reply Last reply Reply Quote 0
                                          • stephenw10S
                                            stephenw10 Netgate Administrator
                                            last edited by

                                            Ah, good call! 👍

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.