SCA Java 2.0-M3 (July 2009)
For full detail about the release please see the RELEASE_NOTES and CHANGES files.
Windows
Type |
File |
Signature |
---|---|---|
Binary |
||
Source |
Linux / Mac OS X / Unix
Type |
File |
Signature |
---|---|---|
Binary |
||
Source |
Tomcat Runtime
File |
Signature |
---|---|
Verifying the downloads
To ensure the integrity of the release artifacts they are digitally signed. You can find more information about the way that we sign releases here. To verify the integrity of the downloaded files you must use signatures downloaded from our main distribution directory not from the distribution mirrors.
MD5 checksums can be verified simply by regenerating the checksum and comparing it against the checksum (the md5 file) supplied with the release. There are various utilities that can be used to generate the checksum, for example
openssl md5 apache-tuscany-sca-all-2.0-M3.tar.gz
or
md5sum apache-tuscany-sca-all-2.0-M3.tar.gz
PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Make sure you get these files from our main distribution directory, rather than from a mirror. Then verify the signatures using, for example
pgpk -a KEYS pgpv apache-tuscany-sca-all-2.0-M3.tar.gz.asc
or
pgp -ka KEYS pgp apache-tuscany-sca-all-2.0-M3.tar.gz.asc
or
gpg --import KEYS gpg --verify apache-tuscany-sca-all-2.0-M3.tar.gz.asc