Index

2. Import the MOOC Campus do Mar public key on your system

1. Introduction

The certificate issued by MOOC Campus do Mar is signed by a gpg key so that it can be validated independently by anyone who has the MOOC Campus do Mar public key. For independent verification MOOC Campus do Mar uses what is called a "detached signature" meaning that the signature for the certificate is contained in a separate file with a ".sig" extension.

To complete the verification procedure you will need the following three files:

The official MOOC Campus do Mar public key.
The MOOC Campus do Mar certificate belonging to Daniel Abrams (you should already have this file).
The signature file for Daniel Abrams's certificate

Signature

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJXEYCWAAoJEHPpFA9/00l0tMUIAIelpoC9ApDimDqJZ2xalF2F IEw0VJbo1jyA+o1qAWSySFlW4Xj20EvWbEB7M7wtt8P6G4G+1jgqgOBsWu98k5sx T1Uu7ncBlVQfTg6MqF3ygJ53LdJEpX8TEueKaMDoeONTm4ee+o+esSmvB58sEJi7 NXFuziVmJ9ZNOnyA/GloODabJYcGJFxorM24OJxfKDnq0PQVGPiqTu45/u1bFMLN BluCDt0MzhO8wUolzRRiiGMEpINe6s5pv+70QP/qWzI7oQV3mtDTYB4TMQD4XQjc xKIQ75CQeAp2UmoOYfp/JnUzcVtOFKMYNxglunMvJJBU5z86U+SHwMZ+sqOccOA= =KJtr -----END PGP SIGNATURE-----

Download this signature

Ensure you have the pdf, the ".sig" signature file and the MOOC Campus do Mar public key copied to a single directory before you begin.

(Back to Index)

2. Import the MOOC Campus do Mar public key on your system

To import the public key follow the instructions according to your operating system:

2.a. Import the MOOC Campus do Mar public key on OSX using GPG Keychain

2.b. Import the MOOC Campus do Mar public key on Microsoft Windows using gpg4win

2.c. Import the MOOC Campus do Mar public key on Linux using gpg

2.a. Import the MOOC Campus do Mar public key on OSX using GPG Keychain

Download and install gpgtools.
After installation, GPG Keychain Access will prompt for a new personal keypair.
Click the import icon to import the public key file MOOC Campus do Mar, public-key.pub.
CTRL-click the MOOC Campus do Mar public key and select "sign" to validate it.
Confirm that the MOOC Campus do Mar public key is listed in the GPG Keychain Access window.

(Back to Index)

2.b. Import the MOOC Campus do Mar public key on Microsoft Windows using gpg4win

Download and install the full version of gpg4win.
After the installation is complete, launch Kleapatra from the start menu.
Create a new personal certificate if don't have one listed under "My Certificates".

When prompted, select "Create personal OpenPGP key pair."

new certificate

Import the MOOC Campus do Mar public key file, public-key.pub for MOOC Campus do Mar by clicking on the "Import Certificate" icon.
Certify the MOOC Campus do Mar public key by highlighting the MOOC Campus do Mar certificate and selecting "Certify Certificate" under the "Certificates" menu.
Make sure that the MOOC Campus do Mar public key/certificate is listed under the "Trusted Certificates" tab.

(Back to Index)

2.c. Import the MOOC Campus do Mar public key on Linux using gpg

On Linux distributions such as Ubuntu, gpg is already installed. Open up a terminal and type the following to check if you have gpg installed:

gpg --version

If you obtain a text with the first line as follow, then you have already installed gpg:

gpg (GnuPG) 1.4.16

If needed, download and install gpg.

If you don't have a personal key pair of secret and public keys, generate new ones:

gpg --gen-key

Go to the directory where you downloaded the MOOC Campus do Mar public-key.pub file and import the key into gpg. Output example has no real values:

gpg --import public-key.pub

gpg: key 8C8FD68C: public key "edx team (test keys) " imported
	    gpg: Total processed quantity: 1
	    gpg:                 imported: 1  (RSA: 1)

Sign the MOOC Campus do Mar public key.

gpg --sign-key 8C8FD68C

pub  2048R/8C8FD68C  created: 2016-02-18  [expires: never     ]  uso: SC 
          trust: unknown   validity: unknown
	  sub  2048R/D1BD0127  created: 2016-02-18  [expires: never     ]  use: E  
	  unknown (1). edx team (test key) 
	    
	    
	    pub  2048R/8C8FD68C  created: 2016-02-18  [expires: never     ]  uso: SC 
            trust: unknown   validity: unknown
	    Primary key fingerprint: 0383 6401 597D 1260 6F64  CD5B 715C 2A41 8C8F D68C
	    
	    edx team (test keys) 
	      
	      Are you really sure you want to sign this key with your key:
	      "Student team (key pair) " (90A1B78C)?
		
		Really sign? (y/N) y

Confirm that the MOOC Campus do Mar public key is listed in the gpg list keys and it has Short ID 8C8FD68C.

gpg --list-keys

	  pub   2048R/8C8FD68C 2016-02-18
	  uid                  edx team (test keys) 
	    sub   2048R/D1BD0127 2016-02-18

(Back to Index)

3. Verify the MOOC Campus do Mar certificate using gpg on OSX, Windows or Linux

Open up a new terminal on OSX or Linux or a command window on Windows
Go into the directory where the .sig and .pdf files are located
Run the following command to verify the fingerprint of the MOOC Campus do Mar key

gpg --verify Certificate.pdf.sig Certificate.pdf

Confirm that "Good signature from "MOOC Campus do Mar <edx@campusdomar.es>" is reported by gpg

(Back to Index)