Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Validating download signatures on Windows
« previous
next »
Print
Pages: [
1
]
Author
Topic: Validating download signatures on Windows (Read 4946 times)
jimk2048
Newbie
Posts: 7
Karma: 0
Validating download signatures on Windows
«
on:
July 19, 2019, 10:16:44 pm »
noob question, How can I validate the download file signatures on a windows 10 pc?
Here's what I have done...
downloaded the following files from different mirrors:
OPNsense-19.7.pub
OPNsense-19.7-OpenSSL-dvd-amd64.iso.bz2
OPNsense-19.7-OpenSSL-dvd-amd64.iso.bz2.sig
and confirmed the OPNsense-19.7.pub content matched other mirrors and the forum webpage.
using Kleopatra\GpgEX I have tried to import the public key but consistently get a BER error. (see attachment)
I have tried renaming the OPNsense-19.7.pub with these extensions: asc,gpg,pem,der but import still fails.
The best directions I found online were these,
https://www.gpg4win.org/doc/en/gpg4win-compendium_15.html
Which suggests the first step is importing the public key, I don't know, but I've already tried randomly clicking all the buttons in Kleopatra.
Not sure what to try next, any help would be great.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Validating download signatures on Windows
«
Reply #1 on:
July 20, 2019, 10:53:55 am »
Try to verify it using openssl on the command line. It is not a GPG signature (it is a public key only and not a certficate).
Logged
jimk2048
Newbie
Posts: 7
Karma: 0
Re: Validating download signatures on Windows
«
Reply #2 on:
July 20, 2019, 06:36:29 pm »
Thanks! Worked just like the 'Installation & Configuration' guide has it documented. I didn't realize Kleopatra added the OpenSSL command line exe. Here are the specific commands, maybe it will help someone else.
F:\download>openssl base64 -d -in OPNsense-19.7-OpenSSL-dvd-amd64.iso.bz2.sig -out OPNsense-19.7-tmp-image.sig
WARNING: can't open config file: /etc/ssl/openssl.cnf
F:\download>openssl dgst -sha256 -verify OPNsense-19.7.pub -signature OPNsense-19.7-tmp-image.sig OPNsense-19.7-OpenSSL-dvd-amd64.iso.bz2
WARNING: can't open config file: /etc/ssl/openssl.cnf
Verified OK
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Validating download signatures on Windows