Invalid packaging signing key format on Debian 13

Hello everyone ,

We are aware of an issue on Debian 13 where the packaging signing key is in the wrong format, which is causing signature verification issues when running apt update.
This is due to the fact that we previously saved this key as a keyring and not as a plain public key, which is accepted on most distributions, including Debian 12, but isn’t on Debian 13.

We are updating our install script to save the key in a public key format and not a keyring file.
In the meantime, if you encounter this issue on an already-installed environment, you can update the local signing key with the following command:

curl -sS "https://keys.openpgp.org/pks/lookup?op=get&options=mr&search=0x3D1A0346C8E1802F774AEF21DE8B853FC155581D" | gpg --dearmor --yes --output /usr/share/keyrings/passbolt-repository.gpg;

To confirm that the new key is in the correct format, you can run file /usr/share/keyrings/passbolt-repository.gpg, which should return something along the lines of OpenPGP Public Key Version 4.

Thank you for your understanding

/tmp/passbolt-repo-setup.ce.sh
Unfortunately, Debian GNU/Linux 13 (trixie) is not supported
Exit

Is Debian Trixie supported ?

Hello, currently it’s possible to install passbolt on debian 13 manually, but we’re in the process of updating the documentations and installations scripts so that it works out of the box like on debian 12. This work should be completed in september, thank you for your patience.

Hi @eoli3n,

Although the repo install script on GitHub supports Debian 13, we haven’t yet updated the one distributed on our website.

Could you confirm that this version of the repository setup script is working for installing Passbolt CE on Debian 13, please?
https://github.com/passbolt/passbolt-dep-scripts/blob/main/passbolt-repo-setup.ce.sh

You can use the download raw button to get the script content.

Best regards and thank you for your patience,
Louis