Ruby hash checking

[Bang Will]

Hi there,

How could we perform a checking once we download an installer.

Example one of our staff try to install Ruby in Windows machine and download from this source:

https://github.com/oneclick/rubyinstaller2/releases/download/RubyInstaller-3.3.2-1/rubyinstaller-devkit-3.3.2-1-x64.exe

We would like to check using this documentation however still not found the source for verification the hash file

in this link FAQ · oneclick/rubyinstaller2 Wiki · GitHub there is a tutorial to check it using command:

curl https://rubyinstaller.org/ci.ri2-package-signing-key.asc | gpg --import gpg --verify rubyinstaller-3.0.0-1-x64.exe.asc 

[Lars Kanis]

All rubyinstaller releases are signed by a Microsoft trusted certificate. You can click on the exe file, then "properties", then the signature tab. It should look like so and have a valid signature of "Open Source Developer, Lars Kanis":

You can also use GPG to verify the detached PGP signature (the *.asc file). It should work like written in the FAQ. I just extended the documentation and added my personal key to the curl download since it is used for the latest releases.

Regards, Lars

--

--
You received this message because you are subscribed to the Google Groups "RubyInstaller" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyinstalle...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyinstaller/b336f3ae-60d9-4ea8-8fc2-4c646f539c4dn%40googlegroups.com.

[Bang Will]

Thank you Lars for the answer, will try this one on local machine

Checking the page regarding FAQ seem its already upgrade, appriciate regarding that.

Thank you.

BangWil