Download for Sources
We suggest the following mirror site for your download:
- the ASC file (OpenPGP compatible signature) with the KEYS file (code signing keys used to sign the product)
- the SHA256 or SHA512 files (checksum).
The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Then verify the signatures using:
$ pgpk -a KEYS $ gpgv apacheds-parent-2.0.0.AM25-source-release.zip.asc
$ pgp -ka KEYS $ gpg apacheds-parent-2.0.0.AM25-source-release.zip.asc apacheds-parent-2.0.0.AM25-source-release.zip
$ gpg --import KEYS $ gpg --verify apacheds-parent-2.0.0.AM25-source-release.zip.asc apacheds-parent-2.0.0.AM25-source-release.zip
Alternatively, you can verify the checksums of the files (see the How to verify downloaded files page).