You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kylin.apache.org by "hemanth dendukuri (JIRA)" <ji...@apache.org> on 2016/02/25 23:14:18 UTC

[jira] [Created] (KYLIN-1448) Warning while verifying the signature of Kylin artifacts.

hemanth dendukuri created KYLIN-1448:
----------------------------------------

             Summary: Warning while verifying the signature of Kylin artifacts. 
                 Key: KYLIN-1448
                 URL: https://issues.apache.org/jira/browse/KYLIN-1448
             Project: Kylin
          Issue Type: Bug
            Reporter: hemanth dendukuri


I downloaded apache-kylin-1.2-bin.tar.gz from mirror and downloaded apache-kylin-1.2-src.tar.gz.asc file from https://dist.apache.org/repos/dist/release/kylin/apache-kylin-1.2/

When I verified the artifacts. I found below warning message 

gpg: Good signature from "Shaofeng Shi <sh...@apache.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!

Resolution 
---------------
You need to sign your primary keys with other Kylin committers. for more details follow below links.

http://security.stackexchange.com/questions/6841/ways-to-sign-gpg-public-key-so-it-is-trusted

http://www.phillylinux.org/keys/terminal.html  
 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)