Hello Kai, Kai Mertens skribis: > I wonder if the listed key is as well valid for https://ci.guix.gnu.org > just the same as it used to be valid for https://mirror.hydra.gnu.org. No it’s not. > If not, where can I get the new, correct one? You could download guix-1.0.1.tar.gz for instance, verify its signature, and grab ‘etc/substitutes/ci.guix.gnu.org.pub’ from there. Alternately, here’s the key of ci.guix.gnu.org: --8<---------------cut here---------------start------------->8--- (public-key (ecc (curve Ed25519) (q #8D156F295D24B0D9A86FA5741A840FF2D24F60F7B6C4134814AD55625971B394#) ) ) --8<---------------cut here---------------end--------------->8--- This message is signed, so be sure to check its signature before going any further. > Once I have the keyfile, I am supposed to continue with section > “4.3.2 Substitute Server Authorization”, > right? > > Then I would try: > # guix-daemon --substitute-urls=https://ci.guix.gnu.org > # guix archive --authorize < my/path/to/ci.guix.gnu.org.pub > > Is that correct? Yes. > Would that remove the obsolete substitute server information in the > same go? No, but that’s OK. HTH! Ludo’.