This is a solution I ran across on Ask Ubuntu. It solves a problem of not being able to upgrade via do-release-upgrade when you have packages that the installer has determined are "unauthenticated."

I have WordPress installed. All of the MySQL and MariaDB packages are unauthenticated. Rather than start a whole new Droplet on Digital Ocean and reinstall and configure everything again, I chose this option. It's not the right way but it works.

Important Security Notice

This answer will disable an critical security feature in Ubuntu. It will stop Ubuntu checking packages are the the same as they were when they were built.

This could mean your updates are compromised or corrupt.
This could mean there's just a bug in the way Ubuntu's release upgrades are handled.

I'm not saying you should never do this, I'm just asking you to be aware of what you're doing. And put things back after you upgrade. Don't leave AllowUnauthenticated on indefinitely.

create the file  

/etc/update-manager/release-upgrades.d/unauth.cfg 

as root and add the following.

[Distro]
AllowUnauthenticated=yes

After upgrade, remove this file.