Author: rhillegas Date: Wed Mar 13 14:31:35 2019 New Revision: 1041781 Log: DERBY-7010: Update the href to the KEYS file on the 10.15.1.3 download page; commit derby-7010-23-aa-updateKEYShref.diff.
Modified: websites/production/db/content/derby/releases/release-10.15.1.3.html Modified: websites/production/db/content/derby/releases/release-10.15.1.3.html ============================================================================== --- websites/production/db/content/derby/releases/release-10.15.1.3.html (original) +++ websites/production/db/content/derby/releases/release-10.15.1.3.html Wed Mar 13 14:31:35 2019 @@ -731,7 +731,7 @@ document.write("Last Published: " + docu <h3 class="boxed">Verifying Releases</h3> <div> <p>It is essential that you verify the integrity of the downloaded files using the PGP and SHA-512 signatures. SHA-512 verification ensures the file was not corrupted during the download process. PGP verification ensures that the file came from a certain person.</p> -<p>The PGP signatures can be verified using <a class="external" href="https://www.pgpi.org/">PGP</a> or <a class="external" href="https://www.gnupg.org/">GPG</a>. First download the Apache Derby <a class="external" href="https://dist.apache.org/repos/dist/release/db/derby/KEYS">KEYS</a> as well as the <span class="codefrag">asc</span> signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using ...</p> +<p>The PGP signatures can be verified using <a class="external" href="https://www.pgpi.org/">PGP</a> or <a class="external" href="https://www.gnupg.org/">GPG</a>. First download the Apache Derby <a class="external" href="https://www.apache.org/dist/db/derby/KEYS">KEYS</a> as well as the <span class="codefrag">asc</span> signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using ...</p> <pre> % pgpk -a KEYS % pgpv db-derby-X.Y.tar.gz.asc