The link is correct. The key in question is contained in the file.
pub rsa4096 2024-03-22 [SC]
85FBBE98D6C37CDA8A7D8FF9F9FF83A48D339D37
uid [ultimate] Markus Jung (CODE SIGNING KEY) <[email protected]>
sig 3 F9FF83A48D339D37 2024-03-22 [self-signature]
sub rsa4096 2024-03-22 [E]
sig F9FF83A48D339D37 2024-03-22 [self-signature]
The only change ist, that Markus did the Release for 10.1.1.
Gruß
Richard
Am 11. September 2025 18:27:31 MESZ schrieb COURTAULT Francois
<[email protected]>:
>THALES GROUP LIMITED DISTRIBUTION to email recipients
>
>Hello everyone,
>
>In our pipeline for building TomEE Docker base images, we do this:
>+ gpg --batch --verify apache-tomee-10.1.1-plus.tar.gz.asc
>apache-tomee-10.1.1-plus.tar.gz
>gpg: Signature made Sat Aug 16 12:18:25 2025 UTC
>gpg: using RSA key 85FBBE98D6C37CDA8A7D8FF9F9FF83A48D339D37
>gpg: Can't check signature: No public key
>
>It was working with TomEE 10.1.0 but not anymore with TomEE 10.1.1.
>The keys used are located at https://downloads.apache.org/tomee/KEYS
>Is this location still valid for TomEE keys ?
>
>What has changed between 10.1.0 and 10.1.1 ?
>How to fix this issue ? any idea ?
>
>Best Regards.
>
>
>
