Overview
For Universal Controller 7.6 and Universal Agent 7.6 and forward, the installation packages are PGP-signed for security and authentication.
Verifying the files with digital signatures helps mitigate the risk of downloading and installing malicious or compromised software.
You can download the public key here to verify packages.
This page will show you how the signature interaction works and how you can verify the files once you download them.
Verifying PGP Signatures
| Info |
|---|
The example provided uses The GNU Privacy Guard. Any OpenPGP compliant program should work successfully. |
Each package has a corresponding .asc file (detached signature). For example, the release universal-controller-7.6.0.0-build.140.zip has a corresponding file, universal-controller-7.6.0.0-build.140.zip.asc.
These instructions assume you have already downloaded both of these files.
| Note |
|---|
The example commands provided are for the verification of Universal Controller packages, but the instructions are the same for Universal Agent. The only difference in the commands are the file names. |
1. Retrieve Public Key
Download the GPG public key from https://packages.stonebranch.com/uac/GPG-KEY-UAC.asc
...