Author Topic: Signature warning  (Read 128 times)

Offline rokj

  • Jr. Member
  • **
  • Posts: 11
Signature warning
« on: December 28, 2020, 05:55:57 AM »

I tried importing, verifying gpg key and got ... is this ok?

gpg --verify roundcubemail-1.4.10-complete.tar.gz.asc roundcubemail-1.4.10-complete.tar.gz
gpg: Signature made ned 27 dec 2020 22:58:11 CET
gpg:                using RSA key 8970E37A698AF775D87D590DC2946A9609CD56B4
gpg:                issuer ""
gpg: Good signature from "Roundcube Developers <>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F3E4 C04B B3DB 5D42 15C4  5F7F 5AB2 BAA1 41C4 F7D5
     Subkey fingerprint: 8970 E37A 698A F775 D87D  590D C294 6A96 09CD 56B4

Offline JohnDoh

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2,539
Re: Signature warning
« Reply #1 on: December 28, 2020, 07:02:25 AM »
The primary key fingerprint appears correct and the signature has verified so I think it is ok.

You can read more about the trusted signature warning here
Roundcube Plugins: Contextmenu, SpamAssassin Prefs, and moreā€¦