OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Verifying openvpn download

https://forums.openvpn.net/viewtopic.php?t=8665

Page 1 of 1

Verifying openvpn download

Posted: Thu Aug 18, 2011 6:12 am
by jcapps
I downloaded the file but do not understand the verifying the file and a link on the page that I think I need is not working. I don't know how to verify the signature.

Re: Verifying openvpn download

Posted: Thu Aug 18, 2011 8:36 am
by janjust
you need to download the pubkey.txt file first, but unfortunately the SSL certificate for secure.openvpn.net has expired.
Here's how you can verify your openvpn download:

Code: Select all

wget --no-check-certificate https://secure.openvpn.net/pubkey.txt
gpg --import pubkey.txt
gpg -v --verify openvpn-2.2.1.tar.gz.asc
make sure that the file openvpn-2.2.1.tar.gz is in the same directory. You should see output similar to:

Code: Select all

gpg: armor header: Version: GnuPG v1.4.6 (GNU/Linux)
gpg: assuming signed data in `openvpn-2.2.1.tar.gz'
gpg: Signature made Tue Jul  5 09:16:15 2011 CEST using DSA key ID 1FBF51F3
gpg: using PGP trust model
gpg: Good signature from "James Yonan <jim@yonan.net>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: C699 B264 0C6D 404E 6454  A9AD 1D0B 4996 1FBF 51F3
gpg: binary signature, digest algorithm SHA1
you can ignore the gpg WARNING.

On Windows you'll need to find a corresponding gpg.exe binary.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/