Signatures for setup downloads on web servers

From Intrexx version 12.1.0

As of Intrexx version 12.1.0, downloads and online updates from INTREXX are digitally signed in order to increase security against manipulation of the delivered files.

This affects the download in the Intrexx support portal as well as in the Intrexx online help. The Intrexx download manager for online updates in the Intrexx Portal Manager validates downloads automatically.

Signed files can be recognized on the web servers by the fact that a file with the same name but with an additional suffix ".asc" is located next to the file - for example:

intrexx-12.1.0.20250519.549668d-windows.zip
intrexx-12.1.0.20250519.549668d-windows.asc

The ASC file contains an OpenPGP signature that can be validated using the encryption program "GnuPG", for example.

Our signature key is identified by a public fingerprint. This reads:

8679D1BAA7DFA01ED8C39CF46830D53CA20CE310

Example with GnuPG

First, we will save the public key in the GnuPG keyring:

Open the console and enter the following command:

gpg --receive-keys 8679D1BAA7DFA01ED8C39CF46830D53CA20CE310

Now you can verify the files via GnuPG:

Example:

gpg --verify intrexx-12.1.0.20250519.549668d-windows.asc intrexx-12.1.0.20250519.549668d-windows.zip

Determine verification key

If verification is to be carried out using a different tool, you can request the key via https://keys.openpgp.org.