How to adjust, add or remove an expiration date of a key?

When you create a new key and don't change the default settings during the process, that key will have an expiration date. The expiration date is exactly 4 years in the future of the exact day you have created your key.

If you want to change that date to an earlier or later point in time or remove the expiration date or add an expiration date to a key that does not have an expiration set, you can do so:

How to change, add or remove the expiration date

  • open GPG Keychain
  • double click the key in question (Type: sec/pub)
  • Key Inspector will open
  • on the first tab "Key" select "Change Expiry Date"

GKA_key-inspector.png

A dialogue opens in which you can remove the expiration date by unselecting the "Key expires" option. Or you can modify the date if you want to have your key expire but at another point in time.

GKA_key-expires.png

After changing an expiration date make sure to upload the changed key to the key servers if you've previously uploaded your key so the changes will be reflected there as well.

  • in GPG Keychain select the key you'd like to upload
  • select Key > Send public key to Keyserver ( ⇧⌘K )

Why would I want my key to expire?

"Isn't it easier to not have it expire?" Setting an expiration date serves as a security measure which we recommend to use. Should you ever loose access to your secret key or your passphrase and not have an expiration date set, you won't be able to revoke your key (unless you've created a revocation certificate that is). Also the amount of time, required to update your expiration date every four years to extend the expiration date is just a min. A minute well worth invested we think.