Error with apt-get update, elasticsearch signature is not valid

Hello ! I have an issue with apt-get update command

i am on ubuntu 20.04
and the last koa version

when i run :

sudo apt-get update

i got this return :

W: GPG error: stable Release: The following signatures were invalid: 46095ACC8548582C1A2699A9D27D666CD88E42B4

the last stable elasticsearch’s version is 7, and the openedx version is the 1.5 ! So I thought that openedx wanted to block elasticsearch’s updates on purpose.
I decided to run apt-get update excluding the update of elasticsearch

but when i run :

dpkg --get-selections

to show all packages on hold, it return :

elasticsearch hold

elasticsearch is already on hold ! So i don’t know what to do. Has anyone ever faced the same error

Thanks for your help !


@dimitri-hoareau-WEL , on Koa, elasticsearch is pinned to 1.5.2, since that’s the currently compatible version.

apt-get update shouldn’t change your currently installed version though, as it will just update the list of available packages in apt. The error you’re seeing is due to the elasticsearch repository changing their signing key. You can find their updated key at, and most likely this command will fix the error you’re seeing and allow you to update your repository lists:

wget -qO - | sudo apt-key add -

With Koa you should still stick to elasticsearch 1.5.2 though, since it’s the latest version which is compatible with Koa.

thanks you very much !