Help Center/
Workspace/
Product Bulletin/
Client Integrity Check (CMS)/
Packages for Image Creation/
Packages for Windows Image Creation
Updated on 2025-07-14 GMT+08:00
Packages for Windows Image Creation
Procedure
Check the integrity of downloaded installation packages during Windows image creation, that is, check whether the packages are tampered with or lost during download.
Verifying the Digital Signature CMS File
- Download the required packages to the local PC following Required Software in the Windows image creation section.
- Download the following root CA certificate and CRLs from the Huawei support website:
- CA certificate: Huawei Software Integrity Protection Root CA.der
- CRLs: HuaweiRootCA.crl, HuaweiCodeSigningCA.crl, HuaweiCodeSigningCA 2.crl, and HuaweiCodeSigningCA 3.crl
- Convert the formats of the CA certificate and CRLs from DER to PEM.
The name of the certificate to convert may differ from that of the downloaded one. Use the actual certificate name.
- For CRLs:
openssl crl -inform DER -in "HuaweiRootCA.crl" -out HuaweiRootCaCrl.pem openssl crl -inform DER -in "HuaweiCodeSigningCA 3.crl" -out HuaweiCodeSigningCA3.pem openssl crl -inform DER -in "HuaweiCodeSigningCA 2.crl" -out HuaweiCodeSigningCA2.pem openssl crl -inform DER -in HuaweiCodeSigningCA.crl -out HuaweiCodeSigningCA.pem
- For the CA certificate:
openssl x509 -inform DER -in "Huawei Software Integrity Protection Root CA.der" -out HuaweiRootCA.pem
- Use Notepad to open the files in 3. Copy and paste the content of HuaweiRootCaCrl.pem, HuaweiCodeSigningCA3.pem, HuaweiCodeSigningCA2.pem, and HuaweiCodeSigningCA.pem sequentially to the end of the content of HuaweiRootCA.pem.
- Verify the CMS file.
openssl cms -verify -inform DER -crl_check_all -in xxxxxxx.iso.cms -content xxxxxx.iso -CAfile HuaweiRootCA.pem -out cmsVerifiedData -binary -purpose any -certsout tmpCertChain.pem
- xxxxxxx.iso.cms: client CMS file obtained in Table 1
- xxxxxx.iso: installation package name obtained during image creation
If a message similar to the following is displayed, the verification is successful:
CMS Verification successful
Parent topic: Packages for Image Creation
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
