Code signing Db2 images released before February 28th, 2023
Code signing is the process of digitally signing files to assure users that the Db2 software performs as intended. It acts as proof that the file has not been tampered with or corrupted.
Before you begin
Note: As of February 28th, 2023, the
code signing software that is used in this procedure is now deprecated. Db2 11.5 images on Fix
Central that were posted before this date can still be signed using the deprecated code signing
software. For code signing Db2 11.5.8 and later versions, see Code signing Db2 images on and after February 28th, 2023.
About this task
To verify your Db2 install image, three
files are required from Fix Central:
- The install image.
- The signature file.
- The public key.
The following code block shows the files needed before February 28th, 2023, which includes the
public key publicKey.pem
:
v11.5.7_linuxx64_server_dec.tar.gz (install image)
v11.5.7_linuxx64_server_dec.tar.gz.sig (signature file)
publicKey.pem (public key)
Once these files are located, the signature can be verified in two steps with
openssl. To verify that openssl is installed, run
which openssl
from your Linux terminal. To download openssl, go
to https://www.openssl.org/.Note: openssl is an open source tool that is included with most Linux OS
distributions. There is no specific version requirement for it.
Procedure
Example
openssl dgst -sha256 -verify publicKey.pem -signature v11.5.7_linuxx64_server_dec.tar.gz.sig v11.5.7_linuxx64_server_dec.tar.gz