The installation file is digitally signed. To verify the signature, you must download and install the VMware public key.

You can use the Linux rpm tool and the VMware public key to verify the digital signature of the vCloud Director installation file, or any other signed downloaded file from vmware.com. If you install the public key on the computer where you plan to install vCloud Director, the verification happens as part of the installation or upgrade. You can also manually verify the signature before you begin the installation or upgrade procedure, then use the verified file for all installations or upgrades.

Note

The download site also publishes a checksum value for the download. The checksum is published in two common forms. Verifying the checksum verifies that the file contents that you downloaded are the same as the contents that were posted. It does not verify the digital signature.

1

Obtain and import the VMware Packaging Public Keys.

a

Create a directory to store the VMware Packaging Public Keys.

b

Use a Web browser to download all of the VMware Public Packaging Public Keys from the http://packages.vmware.com/tools/keys directory.

c

Save the key files to the directory that you created.

d

For each key that you download, run the following command to import the key.

# rpm --import /key_path/key_name

key_path is the directory in which you saved the keys.

key_name is the filename of a key.

2

(Optional) Use the Linux rpm tool to verify the digital signature of the downloaded file.

# rpm --checksig installation-file

After you verify the digital signature of the file, you can use it to install or upgrade vCloud Director on any server, without having to install the public key on that server. The installer warns you if no key is installed. You can ignore the warning if you already verified the signature of the file.