Signature verification failed

[Toastymuffin68]

While trying to install on Kali Linux i keep getting a signature verification failed. 613188FC5BE2176E3ED54901E53D989A9E2D47BF:key expired. What are my options?

[Thermo41]

Hi

I have the same exactly in Debian bookworm, after updating the to-browser launcher today. I tested a few points

• download manually from https://www.torproject.org/download/
• follow instructions to verify the file signature as in https://support.torproject.org/tbb/how-to-verify-signature/, then it checks positively.
• checked the` file torbrowser-launcher downlads to .cache/torbrowser/download/ are actually the same
• checked the signature is also the same Nonetheless the check for signature fails .

If I cans pare some time, I will check a bit deeper.

[AsciiWolf]

Thanks for reporting this. I can confirm the issue. It is also reported in upstream.

[AsciiWolf]

It looks like it actually is a Tor keyserver issue, not this Flatpak or a torbrowser-launcher one. See this comment: https://github.com/micahflee/torbrowser-launcher/issues/700#issuecomment-1727392723

[AsciiWolf]

Tor Project is aware of this issue and is currently working on a fix.

[AsciiWolf]

The issue has been fixed by upstream. :-)

[Gullixus]

gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) torbrowser@torproject.org" imported gpg: Total number processed: 1 gpg: imported: 1 pub rsa4096 2014-12-15 [C] [expires: 2025-07-21] EF6E286DDA85EA2A4BA7DE684E2C6E8793298290 uid [ unknown] Tor Browser Developers (signing key) torbrowser@torproject.org sub rsa4096 2018-05-26 [S] [expires: 2020-12-19]

[AsciiWolf]

@Gullixus Please, create a separate ticket for this. It looks like that your torbrowser-launcher version is probably too old. Or are you experiencing this issue while using the Flatpak version? I have just tested it and have no issues with downloading/installing TBB on a clean installation.