Download Links

Use the links below to download Apache VCL from one of our mirrors. You must verify the integrity of the downloaded files using signatures downloaded from our main distribution directory, not from a mirror.

Only current recommended releases are available on the main distribution site and its mirrors. Older releases are available from the archive download site.

Stable Release - Latest Version:

• apache-VCL-2.3.tar.bz2 [ GPG ] [ SHA1 ] [ MD5 ] (released 2012-07-20)

Previous Releases:

• apache-VCL-2.2.1-incubating.tar.bz2 [ GPG ] [ SHA1 ] [ MD5 ] (released 2011-04-08)
• apache-VCL-2.2-incubating.tar.bz2 [ GPG ] [ SHA1 ] [ MD5 ] (released 2010-10-05)
• apache-VCL-2.1-incubating.tar.bz2 [ GPG ] [ SHA1 ] [ MD5 ] (released 2009-12-04)

Mirror

The currently selected mirror is [preferred]. If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available.

Other mirrors: [if-any http] [for http] [http] [end] [end] [if-any ftp] [for ftp] [ftp] [end] [end] [if-any backup] [for backup] [backup] (backup) [end] [end]

You may also consult the complete list of mirrors.

Verifying the integrity of the files

It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures. Security of the mirrors cannot be guaranteed, which means malicious code could be added to the downloads from the mirrors. By verifying the integrity of downloaded release files, you ensure they have not been tainted.

Run the following command to verify the MD5 sum. It should give output similar to "apache-VCL-2.3.tar.bz2: OK":

md5sum -c apache-VCL-2.3.tar.bz2.md5

Similarly, Run the following command to verify the SHA1 sum. You should get output similar to "apache-VCL-2.3.tar.bz2: OK":

sha1sum -c apache-VCL-2.3.tar.bz2.sha1

To verify the GPG signature (you'll need to have GnuPG installed):

1. download and import the VCL KEYS file (if you've imported the KEYS file for previously releases, you do not need to import it again):
   gpg --import KEYS
2. download the GPG Signature to the same location as the release file
3. from the directory containing both the release file and the GPG signature, run
   gpg --verify apache-VCL-2.3.tar.bz2.asc

Installation

For new installs, visit the on-line installation guide:

Latest Version:

• Apache VCL 2.3 Installation Guide

Previous Versions:

• Apache VCL 2.2.1 Installation Guide
• Apache VCL 2.2 Installation Guide
• Apache VCL 2.1 Installation Guide

Upgrading

For upgrades, visit the on-line upgrade guide:

Upgrade to latest version:

• upgrade 2.2.1 to 2.3
• upgrade 2.2 to 2.3
• upgrade 2.1 to 2.3

Upgrade really old versions to older versions:

• upgrade 2.2 to 2.2.1
• upgrade 2.1 to 2.2.1
• upgrade 2.1 to 2.2