Cisco Cisco Evolved Programmable Network Manager 2.0 Guida All'Installazione
15
Verify the ISO Image or OVA Package
Before installing Cisco EPN Manager, you need to verify the ISO image or OVA package. You do not need to verify the
individual UBF files that are bundled inside the ISO image or OVA package.
individual UBF files that are bundled inside the ISO image or OVA package.
Procedure
Step 1
If you do not have openssl installed, download and install it (see
).
Step 2
Download the following files from the
, and place them in a temporary directory.
•
The Cisco EPNM 2.0 product OVA package or ISO image to be verified (*.iso or *.ova)
•
The Cisco EPNM 2.0 OVA or ISO signature file (*.signature)
•
The Cisco EPNM 2.0 certificate file (*.pem)
(The same certificate file (*.pem) is used to validate OVA and ISO files.)
Step 3
Move to the temporary directory and run the following command. You must run this command as the Linux CLI root
user. (See
user. (See
. Be sure to
use the procedures for Cisco EPN Manager 1.2.x.)
openssl dgst -sha512 -verify cert-file -signature sig-file product-file
Where:
•
cert-file is the certificate file (*.pem)
•
sig-file is the signature file (*signature)
•
product-file is the file to be verified
Step 4
If the result is Verified OK:
•
For an OVA package, proceed to
•
For an ISO file, go to
.
Note
(ISO/bare metal automatic upgrades) If you are using this procedure to validate the patching_upgrade.pl script,
return to
return to
of
and run the script.
Step 5
(OVA packages only) Verify the publisher and certificate chain using the VMware vSphere client.
a.
Verify that Cisco Systems is the publisher:
–
In the VMware vSphere client, choose File > Deploy OVF Template.
–
Browse to the OVA installation file (*.ova) and select it, then click Next.
–
Check whether the Publisher field in the OVF Template Details window displays Cisco Systems, Inc with a
green check mark next to it.
green check mark next to it.
Note
Do not validate the image using the information in the Vendor field. This field does not authenticate Cisco
Systems as the publisher.
Systems as the publisher.
Note
Do not proceed if the Publisher field displays No certificate present. This indicates that the image is not signed
or the file is not from Cisco Systems or the file has been tampered with. Contact your Cisco representative.
or the file is not from Cisco Systems or the file has been tampered with. Contact your Cisco representative.