How to fetch OpenPGP key for Mesos installation?

Question

I've been trying to install Mesos on an Ubuntu 14.04 Openstack virtual machine and have been running into some issues. I can't simply follow the instructions for the tarball because Maven throws lots of errors behind the proxy that I have to use. I've installed the Mesos key DF7D54CBE56151BF from http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xDF7D54CBE56151BF onto the virtual machine and can verify:

root@erik-mesos2:~# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   4096R/E56151BF 2014-05-21
uid                  Mesosphere Archive Automatic Signing Key <support@mesosphere.io>

I'm following the instructions listed here: https://docs.mesosphere.com/tutorials/install_ubuntu_debian/#step-1

but when I run apt-get update after installing the key, I end up with an error of

W: GPG error: http://repos.mesosphere.io trusty InRelease: The following signatures 
couldn't be verified because the public key is not available: NO_PUBKEY DF7D54CBE56151BF

For reference, the tutorial asks for these commands after the key installation.

DISTRO=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
CODENAME=$(lsb_release -cs)
echo "deb http://repos.mesosphere.io/${DISTRO} ${CODENAME} main" |  sudo tee /etc/apt/sources.list.d/mesosphere.list
sudo apt-get -y update

I also do have both http_proxy and https_proxy variables set up. What's going wrong?

Answer 1

apt uses it's own GnuPG keyring /etc/apt/trusted.gpg. Use apt-key to fetch the key instead, which wraps around GnuPG using the right keyring.

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv DF7D54CBE56151BF

This is also what's proposed in the official documents, but I replaced the short key ID with a long key ID for security reasons.