[mac OS] How to renew an expired GPG key
by Riley MacDonald, November 28, 2019
Problem
While working one day I was suddenly unable to sign a commit for GitHub. The following error was observed:
$ git commit -am "The commit message" error: gpg failed to sign the data fatal: failed to write commit object |
This error was due to my GPG key expiring as I had created it > 2 years ago. I was able to verify the key was expired by running gpg --list-keys:
$ gpg --list-keys /Users/my.username/.gnupg/pubring.kbx ----------------------------------------- pub rsa2048 2017-11-17 [SC] [expired: 2019-11-17] 0X01234567890 uid [ expired] Riley MacDonald <my.email@myemail.com> |
Solution
Set the expiry of the GPG key to never expire (0) by executing the expire command. Start by running gpg --edit-key with your key (e.g 0x01234567890):
$ gpg --edit-key 0x01234567890 gpg (GnuPG) 2.2.2; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Secret key is available. sec rsa2048/0x01234567890 created: 2017-11-17 expired: 2019-11-17 usage: SC trust: ultimate validity: expired ssb rsa2048/FA3230902417FFFE created: 2017-11-17 expired: 2019-11-17 usage: E [ expired] (1). Riley MacDonald <my.email@myemail.com> |
Then run the expire command followed by the desired expiry and save:
gpg> expire Changing expiration time for the primary key. Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 0 Key does not expire at all Is this correct? (y/N) y gpg> save |
Success, I’m able to sign my git commits again and carry on with my day.