Issues with using sign-key to sign appimage files

Open markeel opened this issue 2 years ago • 0 comments

When using "appimage-builder --recipe xxxx", which included the sign-key option, I ran into two problems:

  1. It did not work if my application had a space in the name (sha256sum failed)
  2. It did not generate a key that could be verified successfully.

After generation, I tried to verify as follows:

    --appimage-signature >/tmp/junk
    gpg2 --verify /tmp/junk

It is possible that this is not the right technique to verify the signature, but looking at the appimage manual it doesn't appear there is a solid validation tool out there. Maybe it is embedded in something, but it's not clear what.

At this point I'm not going to use the sign-key in the appimage itself and instead just create a standard ".sig" file so people can check it that way (if they have my public signing key).

markeel, Feb 12 '23 05:02