Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Install and Configure CTE-U with CipherTrust Manager

Verifying Package Signatures

search

Verifying Package Signatures

This section explains how to verify signatures of the CTE-U installer packages. After the signature is verified, CTE-U can be installed on file servers.

Verifying Signature of rpm Packages

To verify the signature of the rpm package:

  1. Download the public key from the Support Portal:

    Note

    The key is named 610-000250-001_PUBLIC-GPG-CONNECTOR-SIGNING-KEY.key.

  2. Save the key on the file server, for example, at /cte/public_key.

  3. Navigate to the directory where the extracted CTE-U packages are stored.

  4. Import the public key into the rpm keystore, type:

    Run rpm --import /path/to/public_key/<gpg_key>.

    Example

    rpm --import /cte/public_key/610-000250-001_PUBLIC-GPG-CONNECTOR-SIGNING-KEY.key

  5. Verify the signature, type:

    rpm -Kvv <protectfile_installer>.rpm.

    Example

    rpm Kvv cte_<version>-<build>.x86_64.rpm

    The command output should contain information similar to the following:

    cte-<version>-<build>.x86_64.rpm:
Header V3 RSA/SHA256 Signature, key ID <key_id>: OK
Header SHA1 digest: OK (<sha1_digest>)
V3 RSA/SHA256 Signature, key ID <key_id>: OK
MD5 digest: OK (<md5_digest>)

If the output contains Signature, key ID : OK for SHA256, the signature is verified successfully.

Verifying Signature of deb Packages

To verify the signature of the deb package:

  1. Download the public key from the Support Portal:

    Note

    The key is named 610-000250-001_PUBLIC-GPG-CONNECTOR-SIGNING-KEY.key.

  2. Save the key on the file server, for example, at /cte/public_key.

  3. Navigate to the directory where the extracted CTE-U packages are stored.

  4. Import the public key, type:

    gpg --import /path/to/public_key/<gpg_key>

    For example, run:

    gpg --import /pf/public_key/610-000250-001_PUBLIC-GPG-CONNECTOR-SIGNING-KEY.key

  5. Verify the signature, type:

    gpg -verify cte_<version>-<build>.deb.sig.

    If the output contains the text Good signature, the signature is verified successfully.

Verifying Signature of Interactive Installers

To verify the signature of the interactive installer package:

  1. Download the public key from the Support Portal:

    Note

    The key is named 610-000250-001_PUBLIC-GPG-CONNECTOR-SIGNING-KEY.key.

  2. Save the key on the file server, for example, at /cte/public_key.

  3. Navigate to the directory where the extracted CTE-U packages are stored.

  4. Import the public key, type: (The signature cannot be verified without a valid public key.)

    gpg --import /path/to/public_key/<gpg_key>.

    For example, run:

    gpg --import /pf/public_key/610-000250-001_PUBLIC-GPG-CONNECTOR-SIGNING-KEY.key

  5. Verify the signature.

    gpg -verify safenet_pf<version>-<build>.tar.gz.sig.

If the output contains a good signature, the signature is verified successfully.

On this page