Getting NGINX signing key for Alpine

My team builds an Alpine container image with nginx using Ansible and the nginxinc.nginx role. The build has been failing since 2025-08-03:

[2025-08-04T09:39:24.173Z] 1754300363,,ui,say,==> docker.cloud9: TASK [nginxinc.nginx : (Alpine Linux) Download NGINX signing key] **************
[2025-08-04T09:39:24.173Z] 1754300363,,ui,say,==> docker.cloud9: Monday 04 August 2025  09:39:23 +0000 (0:00:00.038)       0:00:49.810 *********
[2025-08-04T09:39:27.423Z] 1754300367,,ui,say,==> docker.cloud9: fatal: [Alpine-nginx-nginx]: FAILED! => {"changed": false%!(PACKER_COMMA) "dest": "/etc/apk/keys/nginx_signing.rsa.pub"%!(PACKER_COMMA) "elapsed": 0%!(PACKER_COMMA) "msg": "Request failed"%!(PACKER_COMMA) "response": "HTTP Error 404: Not Found"%!(PACKER_COMMA) "status_code": 404%!(PACKER_COMMA) "url": "https://nginx.org/keys/nginx_signing.rsa.pub"}

When I use https://nginx.org/keys/nginx_signing.rsa.pub in a browser, I get a 404 error.

I found https://nginx.org/keys/nginx_signing.key and tried to override the URL in the role setting nginx_signing_key=https://nginx.org/keys/nginx_signing.key but it’s a PGP public key and nginx_signing.rsa.pub appears to be an RSA public key so the install task fails.

Will https://nginx.org/keys/nginx_signing.rsa.pub return? Can anyone suggest an solution?

1 Like

This was raised as issue #818.

1 Like

It looks like this has been fixed on the NGINX side. I can once again download
https://nginx.org/keys/nginx_signing.rsa.pub and our builds are working again.

2 Likes

Seems like it was a temporary fluke in our systems!

2 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.