Hello All !
I’m new to NextCloud, and not a very experienced Linux admin, so thank you for bearing with me.
My install of NextCloud 12.0.0.0 on a VPS running Ubuntu 16.04 went smoothly, largely owing to the official instructions posted here.
However, upon checking the PGPsignature of the archive downloaded from here, GPG returns the following message :
gpg: Signature made lun. 22 mai 2017 10:33:42 CEST using RSA key ID A724937A
gpg: BAD signature from "Nextcloud Security <security@nextcloud.com>"
Should I be concerned over this message? Have others encountered this issue?
EDIT
My bad, I just noticed I was checking the authenticity of the zip archive against the signature of the tar.bz2 archive. I am now getting a mere warning (below). Sorry for the disturbance.
gpg: Good signature from "Nextcloud Security <security@nextcloud.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A