You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@activemq.apache.org by "Erik (JIRA)" <ji...@apache.org> on 2011/03/05 06:48:45 UTC

[jira] Closed: (AMQ-2731) PGP Signature does not validate. The signing key is not located in the KEYS.txt

     [ https://issues.apache.org/jira/browse/AMQ-2731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Erik closed AMQ-2731.
---------------------

       Resolution: Fixed
    Fix Version/s: 5.3.2

gpg --verify works correctly

> PGP Signature does not validate. The signing key is not located in the KEYS.txt
> -------------------------------------------------------------------------------
>
>                 Key: AMQ-2731
>                 URL: https://issues.apache.org/jira/browse/AMQ-2731
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.3.2
>         Environment: Ubuntu Linux
>            Reporter: Erik
>            Priority: Minor
>             Fix For: 5.3.2
>
>
> The signing key for apache-activemq-5.3.2-bin.tar.gz is not located in the KEYS.txt. The SHA1 hash does verify!
> According to the website: http://activemq.apache.org/activemq-532-release.html, the following commands should verify the signature of apache-activemq-5.3.2-bin.tar.gz.
> $ gpg --import KEYS.txt
> $ gpg --verify apache-activemq-5.3.2-bin.tar.gz.asc
> Here is the output:
> $ gpg --import KEYS.txt
> gpg: key F5BA7E4F: "Hiram Chirino <hi...@hiramchirino.com>" not changed
> gpg: key 56F3E01B: "David Jencks (geronimo) <da...@yahoo.com>" not changed
> gpg: key 456DFEA9: "David M. Johnson (Dave Johnson) <sn...@apache.org>" not changed
> gpg: key 17AA5B25: "David Johnson <sn...@apache.org>" not changed
> gpg: key 69CC103E: "Gary Tully (key for apache releases) <ga...@gmail.com>" not changed
> gpg: key 2C983957: "Bruce Snyder <bs...@apache.org>" not changed
> gpg: key 6852C7DA: "Dejan Bosanac <de...@nighttale.net>" not changed
> gpg: Total number processed: 7
> gpg:              unchanged: 7
> root@s:/var/www# gpg --verify apache-activemq-5.3.2-bin.tar.gz.asc
> gpg: Signature made Mon 26 Apr 2010 03:24:47 PM PDT using RSA key ID A2F9E313
> gpg: Can't check signature: public key not found

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira