Download Binaries

We suggest the following mirror site for your download:

Download jar and war files


Other mirrors:

We encourage you to verify the integrity of the downloaded file using:
  • the ASC file (OpenPGP compatible signature) with the KEYS file (code signing keys used to sign the product)
  • the SHA256 or SHA512 files (checksum).


Verify the integrity of the file

The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Then verify the signatures using:

$ pgpk -a KEYS
$ pgpv fortress-core-2.0.3.jar.asc
$ pgp -ka KEYS
$ pgp fortress-core-2.0.3.jar.asc
$ gpg --import KEYS
$ gpg --verify fortress-core-2.0.3.jar.asc


Alternatively, you can verify the files' signature (see the How to verify downloaded files page).