Verifying Software Package Integrity
To prevent software packages from being tampered with or damaged during transmission, which may threaten the carrier network security, you need to verify the integrity of the software packages after obtaining them. Software packages can be deployed only after they pass the verification.
Context
Each software package and its signature file are stored in the same directory. Each software package corresponds to a verification file, which is used to verify the integrity of the software package. To download the digital signature file of a software package, click pgp or cms corresponding to the software package on the support website.
- You can click pgp to download a signature file in .asc format for manually verifying the integrity of a software package. To use a software package independently, you need to manually verify the integrity of the software package. For details, see Procedure.
This method can be used to verify the integrity of all software packages.
- You can click cms to download a signature file in .p7s format for automatically verifying the integrity of a software package. You need to import a software package together with its CMS signature for the NMS or deployment tool to verify the digital signature.
Procedure
- Visit https://support.huawei.com/carrierindex/en/hwe/index.html.
- Download OpenPGP Signature Verification Guide.
The download URL is https://support.huawei.com/carrier/docview!docview?nid=PK100000008.
- Verify software package integrity by referring to OpenPGP Signature Verification Guide.
Troubleshooting
If a software package fails the verification, do not use the software package, and contact Huawei technical support.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
