Add a FAQ on how to check the authenticity of the openSSL distribution.
PR: 292
This commit is contained in:
Richard Levitte
parent
8260eded07
commit
64051a3a71
14
FAQ
14
FAQ
@ -9,6 +9,7 @@ OpenSSL - Frequently Asked Questions
|
|||||||
* Where can I get a compiled version of OpenSSL?
|
* Where can I get a compiled version of OpenSSL?
|
||||||
* Why aren't tools like 'autoconf' and 'libtool' used?
|
* Why aren't tools like 'autoconf' and 'libtool' used?
|
||||||
* What is an 'engine' version?
|
* What is an 'engine' version?
|
||||||
|
* How do I check the authenticity of the OpenSSL distribution?
|
||||||
|
|
||||||
[LEGAL] Legal questions
|
[LEGAL] Legal questions
|
||||||
|
|
||||||
@ -136,6 +137,19 @@ hardware. This was realized in a special release '0.9.6-engine'. With
|
|||||||
version 0.9.7 (not yet released) the changes were merged into the main
|
version 0.9.7 (not yet released) the changes were merged into the main
|
||||||
development line, so that the special release is no longer necessary.
|
development line, so that the special release is no longer necessary.
|
||||||
|
|
||||||
|
* How do I check the authenticity of the OpenSSL distribution?
|
||||||
|
|
||||||
|
We provide MD5 digests and ASC signatures of each tarball.
|
||||||
|
Use MD5 to check that a tarball from a mirror site is identical:
|
||||||
|
|
||||||
|
md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
|
||||||
|
|
||||||
|
You can check authenticity using pgp or gpg. You need the OpenSSL team
|
||||||
|
member public key used to sign it (download it from a key server). Then
|
||||||
|
just do:
|
||||||
|
|
||||||
|
pgp TARBALL.asc
|
||||||
|
|
||||||
[LEGAL] =======================================================================
|
[LEGAL] =======================================================================
|
||||||
|
|
||||||
* Do I need patent licenses to use OpenSSL?
|
* Do I need patent licenses to use OpenSSL?
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user