Verifying the download package
MD5 or SHA-1 values can be used to verify the integrity of package downloaded from IBM. IBM provides MD5 or SHA-1 values for all recent WebSphere Commerce eAssemblies, fix packs and interim fixes.
Before you begin
About this task
Procedure
-
Obtain the MD5 or SHA-1 file from a trusted IBM source. This is a text file that contains the
MD5/SHA-1 hash signature of the interim fix package.
- For eAssemblies, see Checksum values for eAssemblies.
- Fix packs downloaded from Fix Central are accompanied by an MD5 file. This is a text file that contains the MD5 hash signature of the fix pack file.
- Interim fixes downloaded from Fix Central are accompanied by an MD5 file. This is a text file that contains the MD5 hash signature of the interim fix package. Usually the MD5 value is generated for the .pak file, not the .zip file. The name of the MD5 file will indicate which file it is generated for.
- An interim fix obtained from IBM Support should be accompanied by an MD5 file. If it is not, then request the MD5 file from IBM Support. Usually the MD5 value is generated for the .pak file, not the .zip file. The name of the MD5 file will indicate which file it is generated for.
- Use your hash utility to generate a hash signature of your copy of the package.
-
Compare the signature hash in the IBM-provided MD5/SHA-1 value to the signature hash you
generated. They should be identical.
- If the values are identical, then proceed to install the package.
- If the values are not identical then the install package might be corrupted. Try to re-download the package from the trusted IBM source. For interim fixes, confirm that you generated the MD5 hash for the correct file (usually the .pak file, not the .zip file). If that does not resolve the issue, then contact IBM Support.