Version Information


How to Verify X.509 Signatures



Yüklə 5,12 Kb.
Pdf görüntüsü
səhifə89/130
tarix07.01.2024
ölçüsü5,12 Kb.
#205371
1   ...   85   86   87   88   89   90   91   92   ...   130
TrueCrypt User Guide

How to Verify X.509 Signatures 
Please note that X.509 signatures are currently available only for the TrueCrypt self-extracting 
installation packages for Windows. An X.509 digital signature is embedded in each of those files 
along with the digital certificate of the TrueCrypt Foundation issued by a public certification 
authority. To verify the integrity and authenticity of a self-extracting installation package for 
Windows, follow these steps: 


108 
1. Download the TrueCrypt self-extracting installation package. 
2. In the Windows Explorer, click the downloaded file (‘
TrueCrypt Setup.exe
’) with the right 
mouse button and select ‘
Properties
’ from the context menu. 
3. In the 
Properties
dialog window, select the ‘
Digital Signatures
’ tab. 
4. On the ‘
Digital Signatures
’ tab, in the ‘
Signature list
’, double click the line saying "
TrueCrypt 
Foundation
". 
5. The ‘
Digital Signature Details
’ dialog window should appear now. If you see the following 
sentence at the top of the dialog window, then the integrity and authenticity of the package 
have been successfully verified: 
"
This digital signature is OK.

If you do not see the above sentence, the file is very likely corrupted. Note: On some 
obsolete versions of Windows, some of the necessary certificates are missing, which 
causes the signature verification to fail. 
How to Verify PGP Signatures 
To verify a PGP signature, follow these steps: 
1. Install any public-key encryption software that supports PGP signatures. Links to such 
software may be found at 
http://www.truecrypt.org/links

2. Create a private key (for information on how to do so, please see the documentation for the 
public-key encryption software). 
3. Download our PGP public key from our server or from a trusted public key repository, and 
import the downloaded key to your keyring (for information on how to do so, please see the 
documentation for the public-key encryption software). 
4. Sign the imported key with your private key to mark it as trusted (for information on how to 
do so, please see the documentation for the public-key encryption software).
Note: If you skip this step and attempt to verify any of our PGP signatures, you will receive 
an error message stating that the signing key is invalid. 
5. Download the digital signature by clicking the 
PGP Signature
button next to the file you 
want to verify (on one of the 
download pages
). 
6. Verify the downloaded signature (for information on how to do so, please see the 
documentation for the public-key encryption software). 


109 

Yüklə 5,12 Kb.

Dostları ilə paylaş:
1   ...   85   86   87   88   89   90   91   92   ...   130




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin