How to verify X.509 signatures?

adrelanos adrelanos at
Sat Mar 23 21:06:10 CET 2013

Hello, says [1] they are signing "TrueCrypt Setup 7.1a.exe" [2]
with a X.509 signature. How can I verify such a signature?

(On Debian Wheezy.) I tried:
gpg2 --verify "TrueCrypt Setup 7.1a.exe"

gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.

gpgsm --verify "TrueCrypt Setup 7.1a.exe"
gpgsm: ksba_cms_parse failed: End of file



More information about the Gnupg-users mailing list