The digital signature on this image is invalid



  • "The digital signature on this image is invalid.
    This means that the image you uploaded is not an official/supported image and may lead to unexpected behavior or security compromises. Only install images that come from sources that you trust, and make sure that the image has not been tampered with.

    Do you want to install this image anyway (on your own risk)?"

    This is the message I get when I attempt to update to the pfSense-Full-Update-1.2.3-20090928-1703.tgz.
    I have downloaded the file twice and get the same problem.  The is where I downloaded it from http://snapshots.pfsense.org/FreeBSD_RELENG_7_2/pfSense_RELENG_1_2/updates/

    is it safe to use this or should I wait?

    Thanks
    Matt



  • What I understand is that snapshots do not contain a digital signature. Only official releases are signed, you will always get this message when invoking snapshot firmware's. Obviously there is always a risk when installing snapshots, when the device is business critical you could consider waiting for the official release.

    With a bit of basic searching you would have found this:

    http://forum.pfsense.org/index.php/topic,19095.0.html  ;)


  • Rebel Alliance Developer Netgate

    Yes, only official releases and release candidates are signed.

    An official signed RC3 image is being tested right now and could be released at any time.



  • I'm sorry, to be honest I didn't do a search…. I just looked at the subject of the first page of posts.  I do normally try and do a search, not sure why I didn't this time.  Anyhow I just found it strange because I have updated to several 1.2.3 releases in the past and never seen that message before.

    I've been using pfsense for a while now.  One at a small office and one at home.  Absolutely love it.  I've tried many different firewall solutions like ipcop, smoothwall, monowall, and clarkconnect(seemed convenient at first but too many security problems with running a server on the same box).  This is the all around best out there.  So just want to says thanks to all the developers.



  • @justsomeguy6575:

    I'm sorry, to be honest I didn't do a search…. I just looked at the subject of the first page of posts.  I do normally try and do a search, not sure why I didn't this time.  Anyhow I just found it strange because I have updated to several 1.2.3 releases in the past and never seen that message before.

    I've been using pfsense for a while now.  One at a small office and one at home.  Absolutely love it.  I've tried many different firewall solutions like ipcop, smoothwall, monowall, and clarkconnect(seemed convenient at first but too many security problems with running a server on the same box).  This is the all around best out there.  So just want to says thanks to all the developers.

    See the thread I mentioned. Gloomrider posts:

    Signature check is new, correct?  This is the first time I've seen this.

    Then CMB posts:

    New on nanobsd, yeah. It was broken for nanobsd previously.


Log in to reply