Checking Integrity of GPG4Windows

flapflap flapflap at
Mon Sep 19 15:33:00 CEST 2016


aguy whowrites:
> Not sure if this is the right place or if I will get a reply or if I will
> have to check the mailing list for replies but I'm going to give it a try.
> I am trying to install GPG4Windows and want to check the integrity of GPG
> but am struggling to follow the instructions at the site:
> I am trying to follow the instructions for not having an old version of GPG
> installed, however where do I enter the following code they suggest and how
> do I modify it for my GPG4Windows executable file? What program do I use?
> Keep in mind I don't have an old version of GPG installed.
> sha1sum gnupg-2.0.30.tar.bz2

That is the command for Linux/Unix systems. If you are under Windows,
you'll use

  certutil -hashfile FileToHash.ext sha1


In your case (gpg4win), your "FileToHash.ext" is most likely
"gpg4win-2.3.3.exe" (depends on the package you downloaded from

1. launch "cmd.exe" (e.g. via start menu)
2. type the command

   certutil -hashfile gpg4win-2.3.3.exe sha1

3. press [enter] to start the command
4. compare the output with the "SHA1 checksum" for your file listed on


More information about the Gnupg-users mailing list