OVA file not deploying properly after downloading from SecureAuth

    Applies to:
  • SecureAuth Identity Platform
  • Legacy SecureAuth IdP
Deployment model:
  • Hybrid
  • On Premises
  • Version Affected:  19.07+


    After downloading and attempting to import the SecureAuth OVA file, you may get the error message, "The provided manifest file is invalid: Invalid OVF checksum algorithm: SHA1(IdP_One_Image_CB-0.0.7-144", from the vSphere Server.




    The SecureAuth OVA is signed as SHA1 but vSphere is expecting it to be signed with SHA256. This issue has been seen while importing to vSphere 6.5+



    In order to resolve this, the OVFTool will need to be downloaded from VMware and convert the image to use SHA256. Here is a link to the OVFTool Download:

    This would be the type of command you would want to run against the OVF downloaded from the SecureAuth website:

       ovftool.exe --shaAlgorithm=SHA256 /path/to/ova_file.ova /path/to/new/ova_file-SHA256.ova

    When running the tool, this is what you will see:

    And when finished, see the below:

    After the OVFTOOL completes, deploying the OVA should work without issue.



    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    1 out of 1 found this helpful



    Please sign in to leave a comment.