nv01
Contributor
Contributor

OVF deployment issue with SHA256 digest algorithm

We are facing issue in deploying a SHA256 OVA (created using ovftool 3.5.0) on ESX5.5 and ESX6.0 (from vsphere client).

Deployment is failing with the following error message.

"The following manifest file entry (line 1) is invalid: SHA256(*.vmdk)={SHA1 digest of file}

Same OVA can be deployed in VMWare workstation 11 successfully.

Any suggestions ??

0 Kudos
1 Reply
timpetro
Enthusiast
Enthusiast

This is an old post, but i just was asked the question by someone else, so i figured i would reply.

The type of hashing that is used in an OVA or OVF depends on the verison and the class of hypervisor and is written into the .mf file.

There is one entry for the .ovf file; and one for the .vmdk file.

If you like you can edit the .mf file and just erase the text in it and the vm should import.

If your using an OVA ( which is basically a zipped up OVF) you first have to use an unzip program and unzip it.

Then look for the MF file. The easiest fix is to blank out the file and save it.. then try to import again.

If you insist on having a proper hash in the file, you would need to calculate the hash using a format that is supported on the platform your importing on (ie SHA128 vs SHA256).

To find out what that entry should look like, and east test is to create a small vm on the platform you wish to import to, and export it to OVF.

Examine the .mf file for the correct format (lets say its SHA256.

once you know the format, you will need a utility (there are many out there) to calculate the hash for each of the other files (.ovf and the .vmdk)

The format example for a recent version of the platform looks like in the .mf file:

SHA256(nameoffile.ovf)= 1eea4a892181306be0fa06e4ea5e5a34c35a00edeea5633ea62867378ff58152

SHA256(nameoffile-disk1.vmdk)= 887bbafeee62289e0311b206adb5b9ab1eee05ae4a402e6c64d3acb17fa65878

The format of an older 5.5 esxi is the same as above, but uses SHA1 not SHA256

Timothy B. Petrosky MCSE SCNP CCAI CCSP/CCNP SECURITY VCP CCDA PCE CNE CCA Senior Engineer Instructor – Cisco Academy Instructor – VMWare Academy Institution www.ptengineer.com PetroTech IT Professionals
0 Kudos