You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by "Erik (JIRA)" <ji...@apache.org> on 2011/03/05 06:48:45 UTC
[jira] Closed: (AMQ-2731) PGP Signature does not validate. The
signing key is not located in the KEYS.txt
[ https://issues.apache.org/jira/browse/AMQ-2731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Erik closed AMQ-2731.
---------------------
Resolution: Fixed
Fix Version/s: 5.3.2
gpg --verify works correctly
> PGP Signature does not validate. The signing key is not located in the KEYS.txt
> -------------------------------------------------------------------------------
>
> Key: AMQ-2731
> URL: https://issues.apache.org/jira/browse/AMQ-2731
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.3.2
> Environment: Ubuntu Linux
> Reporter: Erik
> Priority: Minor
> Fix For: 5.3.2
>
>
> The signing key for apache-activemq-5.3.2-bin.tar.gz is not located in the KEYS.txt. The SHA1 hash does verify!
> According to the website: http://activemq.apache.org/activemq-532-release.html, the following commands should verify the signature of apache-activemq-5.3.2-bin.tar.gz.
> $ gpg --import KEYS.txt
> $ gpg --verify apache-activemq-5.3.2-bin.tar.gz.asc
> Here is the output:
> $ gpg --import KEYS.txt
> gpg: key F5BA7E4F: "Hiram Chirino <hi...@hiramchirino.com>" not changed
> gpg: key 56F3E01B: "David Jencks (geronimo) <da...@yahoo.com>" not changed
> gpg: key 456DFEA9: "David M. Johnson (Dave Johnson) <sn...@apache.org>" not changed
> gpg: key 17AA5B25: "David Johnson <sn...@apache.org>" not changed
> gpg: key 69CC103E: "Gary Tully (key for apache releases) <ga...@gmail.com>" not changed
> gpg: key 2C983957: "Bruce Snyder <bs...@apache.org>" not changed
> gpg: key 6852C7DA: "Dejan Bosanac <de...@nighttale.net>" not changed
> gpg: Total number processed: 7
> gpg: unchanged: 7
> root@s:/var/www# gpg --verify apache-activemq-5.3.2-bin.tar.gz.asc
> gpg: Signature made Mon 26 Apr 2010 03:24:47 PM PDT using RSA key ID A2F9E313
> gpg: Can't check signature: public key not found
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira