Adding GPG key inside docker container causes "no valid OpenPGP data found"

Question

I'm trying to install New Relic's system monitoring inside a docker container, but the apt-key add - fails with no valid OpenPGP data found.

There is the full Dockerfile:

FROM ubuntu
MAINTAINER Matej Koubik

RUN echo deb http://apt.newrelic.com/debian/ newrelic non-free >> /etc/apt/sources.list.d/newrelic.list
RUN wget -O- https://download.newrelic.com/548C16BF.gpg | apt-key add -
RUN apt-get update
RUN apt-get install newrelic-sysmond
RUN nrsysmond-config --set license_key=...
RUN /etc/init.d/newrelic-sysmond start

johncosta · Accepted Answer · 2014-02-21T13:59:24.080

38

The solution provided by @xdays works around the problem, but also works around the protection that ssl is providing. You could install the ca-certificates package before issuing your wget statement and it should work with ssl.

Add the following line before your call to wget:

RUN apt-get install -y ca-certificates wget

edited Feb 21 '14 at 13:59

answered Feb 20 '14 at 22:43

johncosta

3,737
1
25
25

score 7 · Answer 2 · answered Dec 11 '19 at 09:13

7

I ran into this issue when i was installing docker.

run sudo apt install apt-transport-https ca-certificates curl software-properties-common

You can refer here.

And then curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

answered Dec 11 '19 at 09:13

Keval

557
10
15

score 5 · Answer 3 · answered Jan 12 '14 at 09:31

it seems that the problem is wget, add --no-check-certificate to your wget, and everything is ok.

# wget --no-check-certificate -O- https://download.newrelic.com/548C16BF.gpg | apt-key add -                                                                 
--2014-01-12 09:29:30--  https://download.newrelic.com/548C16BF.gpg
Resolving download.newrelic.com (download.newrelic.com)... 50.31.164.159
Connecting to download.newrelic.com (download.newrelic.com)|50.31.164.159|:443... connected.
WARNING: cannot verify download.newrelic.com's certificate, issued by `/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA':
  Unable to locally verify the issuer's authority.
HTTP request sent, awaiting response... 200 OK
Length: 1682 (1.6K) [application/octet-stream]
Saving to: `STDOUT'

100%[=================================================================================================================================================>] 1,682       --.-K/s   in 0s      

2014-01-12 09:29:31 (15.1 MB/s) - written to stdout [1682/1682]

OK

The accepted answer is the correct one (add the ca-certificates); turning off certificate check reduces safety, while there is a simple solution above. — peter_v, Jun 13 '19 at 20:24
I followed the correct one (adding the ca-certificates) but nope, still get the same error? So I have to use this one and reduce the safety unfortunately. No idea why it still fails even though the ca-certificates are installed before wget and the call to apt-key add. — englishPete, Jan 24 '20 at 16:47

score 1 · Answer 4 · answered Oct 28 '17 at 09:23

1

You can run wget -O- https://download.newrelic.com/548C16BF.gpg | apt-key add - seperately with wget -O- https://download.newrelic.com/548C16BF.gpg and apt-key add -. You can refer here.

And this is same for curl.

answered Oct 28 '17 at 09:23

LF00

27,015
29
156
295

Adding GPG key inside docker container causes "no valid OpenPGP data found"

4 Answers4

Linked