If you need access to older releases they can be found in the release archives.

Project releases are approved by vote of the Apache Geode Project Management Committee (PMC). Support for a release is provided by project volunteers on the project mailing lists. Bugs found in a release may be discussed on the list and reported through the issue tracker. The user mailing list and issue tracker are the only support options hosted by the Apache Geode project.

Note: When downloading from a mirror, please be sure to verify that checksums and signatures are correct. To do so, use the checksum and signature files from the main Apache site at https://downloads.apache.org/geode/. Find here the KEYS file, which contains all OpenPGP keys we use to sign releases here: KEYS

The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the particular distribution. Then verify the signatures using:

% pgpk -a KEYS % pgpv ${filename}.tar.gz.asc or % pgp -ka KEYS % pgp ${filename}.tar.gz.asc or % gpg --import KEYS % gpg --verify ${filename}.tar.gz.asc

Alternatively, you can verify the MD5 signature on the files. A Unix program called md5 or md5sum is included in many Unix distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from Fourmilab.ch, PC-Tools.Net, or SlavaSoft.com.

If you want to build directly from source, see the BUILDING.md file in the top-level source directory.