-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-openldap_14.0-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-openldap_14.0-1_amd64.ova
      996f9d43a92632afb8e47dd91c57a1e3

    $ sha1sum debian-8-turnkey-openldap_14.0-1_amd64.ova
      4b321fb76747f1b9dc83a2bbc066bea9c6c2dc33

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWObxUAAoJEIXCXpWhbrlNPd8IAMImUHctfk2U7qK4PEGLPYVO
Dn3NWVOkf/izwaOelrn5LzoxlEqmO/EZa05Ovl3tsUTE7A7wsaAqgQhtQ1nAV1Zi
wDqH9Ihv54Ibh/NMQTPOtm5SJvSysqBjsd26zYajObDo60N03DLk8r2Vr/f5+0bL
fTRjU3s2oPsrlnfjaNqlqBlgu9gtPjnaa8JqYNBEaK8dR0COzQybHMdz2yZ8uIO3
F3Wvg1/Iqc6rFLgzu4v0hCnM0B1HETk+cPe4esvQFhD20WxheWrpLdGIC6574e0I
zHtkrHv3VH7P0lS1U5Ds0zekJx7x1x4djPexUIfg6KnpmadrDtDuLr858LQTdNo=
=pfJG
-----END PGP SIGNATURE-----