Importance of Checksum validation of downloaded file's

Checksum is used to verify the integrity of the downloaded file. In this case, the product's file's integrity is being verified. If the product's file is not properly downloaded or if an unauthorized person has changed the product's file in the website, then users can check the integrity of the file by verifying it with the checksum hash value.

The checksum validation essentially helps users verify the integrity of the downloaded file.

How to generate the checksum of the downloaded file?

Windows 7 and later operating systems include the Certutil app that can generate SHA256 checksum hash value. The command format for the SHA256 checksum validation is given below:

certutil -hashfile <path>/<file_name> SHA256

Example: certutil -hashfile ManageEngine_xxxx_.ppm SHA256

Output: SHA256 hash of ManageEngine_xxxx_.ppm: 8170235A0E13D2A358C80E2BDF1C0151A580CA78B034F31F60B4A29E824FE9B6 CertUtil: -hashfile command completed successfully.

How to validate the checksum of the downloaded file?

1. Navigate to the official product download page.
2. Locate the checksum (SHA256) value for the downloaded file provided next to the download link, which is usually a long alphanumeric string.
3. Compare the generated checksum value with the official checksum value.

Now, if the checksums matches then the file has been downloaded correctly and its integrity has been verified successfully. If not, redownload and check again.