Menu Search


In addition to the source artefacts below, we offer Qpid packages and Qpid via Maven.

Qpid's source artefacts are produced as part of our community release process. The downloads on this page are from our current releases, Qpid 0.32, Qpid Proton 0.10, Qpid Dispatch 0.4, Qpid JMS 0.4.0, and Qpid C++ 0.34. You can also see our past releases.

It's important to verify the integrity of the files you download.

Messaging APIs

Qpid Protonqpid-proton-0.10.tar.gzASC, MD5, SHA
Qpid JMS (AMQP 1.0)apache-qpid-jms-0.4.0-bin.tar.gz*^ASC, MD5, SHA1
Qpid AMQP 0-x JMS Clientqpid-client-0.32-bin.tar.gz*ASC, MD5, SHA1
Qpid Messaging API (C++, bindings)qpid-cpp-0.34.tar.gzASC, MD5, SHA1
Qpid Messaging API (Python)qpid-python-0.32.tar.gzASC, MD5, SHA1

^For the earlier Qpid 0.32 AMQP 1.0 JMS client, see here.

Servers and tools

Java brokerqpid-broker-0.32-bin.tar.gz*ASC, MD5, SHA1
C++ brokerqpid-cpp-0.34.tar.gzASC, MD5, SHA1
C++ broker (command-line tools)qpid-tools-0.32.tar.gzASC, MD5, SHA1
Dispatch routerqpid-dispatch-0.4.tar.gzASC, SHA1

*These Java artefacts are released as compiled bytecode. We also offer the source as part of our Qpid JMS source release [ASC, MD5, SHA1] and Qpid Java source release [ASC, MD5, SHA1].

Verify what you download

It is essential that you verify the integrity of the downloaded files using the ASC signatures, MD5 checksums, or SHA1 checksums.

The signatures can be verified using PGP or GPG. First download the KEYS file as well as the .asc signature file for the relevant artefact. Make sure you get these files from the relevant subdirectory of the main distribution directory, rather than from a mirror. Then verify the signatures using one of the following sets of commands.

% pgpk -a KEYS
% pgpv qpid-0.32.tar.gz.asc

% pgp -ka KEYS
% pgp qpid-0.32.tar.gz.asc

% gpg --import KEYS
% gpg --verify qpid-0.32.tar.gz.asc

Alternatively, you can verify the MD5 or SHA1 checksums of the files. Unix programs called md5sum and sha1sum (or md5 and sha1) are included in many unix distributions. They are also available as part of GNU Coreutils. For Windows users, FSUM supports MD5 and SHA1. Ensure your generated checksum string matches the string published in the .md5 or .sha1 file included with each release artefact. Again, make sure you get this file from the relevant subdirectory of the main distribution directory, rather than from a mirror.

More information