How to verify X.509 signatures?

adrelanos adrelanos at riseup.net
Sat Mar 23 21:06:10 CET 2013


Hello,

TrueCrypt.org says [1] they are signing "TrueCrypt Setup 7.1a.exe" [2]
with a X.509 signature. How can I verify such a signature?

(On Debian Wheezy.) I tried:
gpg2 --verify "TrueCrypt Setup 7.1a.exe"

gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.

gpgsm --verify "TrueCrypt Setup 7.1a.exe"
gpgsm: ksba_cms_parse failed: End of file

Cheers,
adrelanos

[1] http://www.truecrypt.org/docs/?s=digital-signatures
[2] http://www.truecrypt.org/downloads



More information about the Gnupg-users mailing list