Checksum Validation

Why is checksum validation required for Vulnerability Manager Plus?

Checksum is used to verify the integrity of the downloaded file. In this case, the Vulnerability Manager Plus upgrade file's integrity is being verified. If the Vulnerability Manager Plus upgrade file is not properly downloaded or if an unauthorized person has changed the Vulnerability Manager Plus upgrade file in the website, then users can check the integrity of the file by verifying it with the checksum hash value.

The checksum validation essentially helps users verify the integrity of the downloaded Vulnerability Manager Plus upgrade file.

Note: Checksum validation is not required for the Vulnerability Manager Plus EXE file as it is signed.

How to validate the downloaded upgrade file with checksum?

Windows 7 and later operating systems include the Certutil app that can generate SHA256 checksum hash value. The command format for the SHA256 checksum validation is given below:

certutil -hashfile <path> /<file_name> SHA256


certutil -hashfile ManageEngine_Vulnerability_Manager_Plus_10_0_0_SP-610.ppm SHA256


SHA256 hash of ManageEngine_Vulnerability_Manager_Plus_10_0_0_SP-610.ppm: 8170235A0E13D2A358C80E2BDF1C0151A580CA78B034F31F60B4A29E824FE9B6 CertUtil: -hashfile command completed successfully.

Now, the generated checksum hash value should match the value in the website. If not, redownload and check again.

Note: The upgrade file means the hotfix/service pack file.