When I try to download the latest the SIG and SHA512 sigs fail the check
openmeet@cubby <mailto:openmeet@cubby>:~$ gpg --verify
apache-openmeetings-5.0.0-M3-src.zip.asc
gpg: assuming signed data in 'apache-openmeetings-5.0.0-M3-src.zip'
gpg: Signature made Wed Dec 11 12:07:57 2019 UTC
gpg: using RSA key 15EB59354EBF43E3A6314BEBE8302FC78456901E
gpg: BAD signature from "Maxim Solodovnik <[email protected]
<mailto:[email protected]>>" [unknown]
I tried and ealier version M2 and they did
openmeet@cubby <mailto:openmeet@cubby>:~/m2$ gpg --verify
apache-openmeetings-5.0.0-M2-src.tar.gz.asc
gpg: assuming signed data in 'apache-openmeetings-5.0.0-M2-src.tar.gz'
gpg: Signature made Fri Jul 12 13:27:10 2019 UTC
gpg: using RSA key D3BFD979E8D3DD4BEDA61BC49E6917B5C467526E
gpg: Good signature from "Maxim Solodovnik (solomax)
<[email protected] <mailto:[email protected]>>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
Primary key fingerprint: D3BF D979 E8D3 DD4B EDA6 1BC4 9E69 17B5 C467 526E
Brett
