If you attempted to upgrade from ownCloud 10.7.0 to 10.8.0 using the APT repository, you most likely encountered a signature error as followed :
Get:11 https://download.owncloud.org/download/repositories/10.8.0/Debian_10 Release [964 B]
Get:12 https://download.owncloud.org/download/repositories/10.8.0/Debian_10 Release.gpg [481 B]
Ign:12 https://download.owncloud.org/download/repositories/10.8.0/Debian_10 Release.gpg
Reading package lists… Done
W: GPG error: https://download.owncloud.org/download/repositories/10.8.0/Debian_10 Release: The following signatures were invalid: DDA2C105C4B73A6649AD2BBD47AE7F72479BC94B
E: The repository ‘http://download.owncloud.org/download/repositories/10.8.0/Debian_10 Release’ is not signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
The only possible workaround to use this repo is to tell APT to ignore the repository signature by specifying that the repo is trusted. This is usually not something recommended on a security perspective, but you may do it in the meantime the signature is fixed by the publisher if you really need to.
1. Edit the APT repository file that contain your ownCloud repo (it could be the default OS repo as followed) :
/etc/apt/sources.list
Or perhaps a custom list file as followed in my case :
/etc/apt/sources.list.d/owncloud.list
2. Append “[trusted=yes]” between “deb” and the repository URL as followed :
deb [trusted=yes] http://download.owncloud.org/download/repositories/10.8.0/Debian_10/ /
3. Run the apt update command :
apt-get update
From that point, the signature status should be ignored and APT will fetch the file index from the repo, and will now be available when you’ll issue a “apt-get upgrade” command. You may revisit at the next release if this workaround is still required.