Thanks for taking your time!
Validating an Apache release might seem complicated if you're doing it for the first time.
This page should help in resolving some typical issues you'll experience when you're validating a release. If you have any problems, we're happy to help you on the dev list!
The gpg verification fails with "public key not found"
Problem:
The gpg verification fails with a message like this:
Code Block | ||
---|---|---|
| ||
gpg: Signature made Sat Jan 18 07:21:28 2003 PST using DSA key ID DE885DD3
gpg: Can't check signature: public key not found |
Solution:
You need to fetch the key from a keyserver:
Code Block | ||
---|---|---|
| ||
gpg --keyserver keyserver.ubuntu.com --recv-key DE885DD3 # use the key provided in the output above |
This is partially taken from http://www.apache.org/info/verification.html, where you can find more in-depth information!