7

I'm trying to install PostgreSQL 9.4 on a clean, new Debian Jessie machine.

I'm following these instructions: https://wiki.postgresql.org/wiki/Apt#Quickstart

When I get to this point:

wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -

I get this error:

gpg: no valid OpenPGP data found.

What am I doing wrong?

Jens Erat
  • 37,523
  • 16
  • 80
  • 96
Richard
  • 62,943
  • 126
  • 334
  • 542
  • Split that command and verify what you're getting is the actual key and not some connection error. – Jakub Kania Aug 13 '15 at 17:33
  • 1
    Side note: Debian Jessie already ships PostgreSQL 9.4, do you really need to build on your own? Testing/unstable usually ship very bleeding edge versions, these might be a better way to go instead of building on your own (updates included). – Jens Erat Aug 13 '15 at 19:55
  • @JensErat thanks. I ended up just using `apt` to install it, much easier! – Richard Aug 14 '15 at 08:22
  • yep but in Jessie you have 9.4 (and magnificiant JSONB type so you can apt-get remove mongodb !), but still miss 9.5 (and it's more than welcome UPSERT capabilities !) – comte Mar 11 '16 at 13:35

2 Answers2

2

These instructions are fine, you must suffer from connection problems (or get other contents served than expected. Do following:

  • Run wget -o - https://www.postgresql.org/media/keys/ACCC4CF8.asc (without --quiet and without pipe to GnuPG) to inspect what's actually happening. Is wget indicating any connection problems?
  • You can also download the file from your browsers, simply store the textual contents using copy-paste to a text file and import it using apt-key add [path-to-file] (or, given somebody finding this question wants to import to the default GnuPG keyring, gpg --import < [path-to-file]).

Most likely wget does not find the root certificated referenced by the PostgreSQL website, you're behind some proxy which is not configured for wget or a gateway changing the website; at least the results returned are not key data in a format GnuPG expects.

Community
  • 1
  • 1
Jens Erat
  • 37,523
  • 16
  • 80
  • 96
  • This is a good answer. Running wget without --quiet and without the pipe to GnuPG will show more details on the issue, and wget will often suggest a solution (eg: --no-check-certificate) – Jessedc Mar 09 '18 at 21:56
2

In my case the problem was caused by an incorrect https certificate from postgresql.

Just add the --no-check-certificate to the wget command.

Ektor
  • 163
  • 1
  • 7
  • 1
    If you disable `wget`'s certificate validation, a man in the middle attacker might not only send you with a manipulated PostgreSQL package (and other system packages!), but also provide a seemingly valid certificate. If fetching from HTTPs is your only trust anchor, do at least not disable certificate checks without understanding why they failed. – Jens Erat Mar 09 '18 at 23:09