Migrating from apt-key to signed-by
Identify the UID of the key in:
apt-key list
Strip spaces from the key UID:
echo 'A758 B3FB CD43 BE8D 123A 3476 BB29 EE03 8ECC E87C' | tr -d ' '
Extract the key into its own keyring file, conventionally named after the relevant sources file in sources.list.d
:
apt-key export 'A758B3FBCD43BE8D123A3476BB29EE038ECCE87C' | sudo gpg --dearmor -o /etc/apt/keyrings/newrelic-infra.gpg
Edit the sources file (e.g. /etc/apt/sources.list.d/newrelic-infra.list
) to use the new keyring:
-deb [arch=amd64] https://download.newrelic.com/infrastructure_agent/linux/apt bookworm main
+deb [arch=amd64 signed-by=/etc/apt/keyrings/newrelic-infra.gpg] https://download.newrelic.com/infrastructure_agent/linux/apt bookworm main
Finally, remove the old key:
sudo apt-key del A758B3FBCD43BE8D123A3476BB29EE038ECCE87C