VMware Cloud Community

sign an ovf


I wrote some Ruby code that creates the the .cert file of my ovf. I used ovftool to create the .cert file. The two files differ slightly. The one created by my Ruby code is rejected when I try to deploy my ovf in vsphere client. The one created by ovftool works fine.

Here are the signatures in the two .cert files:

SHA1(custom-signed.mf)= 2fbcd216cc3916bceff51ed178779beaf1191e61c7a1f2375717bf9da489f9ff3a3c2710e0d159d9e14b12bc5121e12b75e275cc8323025d54b1ca313dfc7708bacf29927a3ebd31bb9bd3c162572c1657099d48b885eacb5e30e791ddba164bc8527b7c0b917cb1fa7aef6b2e2acfa2c2e06646b65fab77303049

SHA1(custom-signed.mf)= 2fbcd216cc3916bceff51ed178779beaf1191e61c7a1f2375717bf9da489f9ff3a3c2710e0d159d9e14b12bc51210e12b705e275cc08323025d54b1ca313dfc7708bacf299270a030ebd31bb9bd3c162572c01657099d48b885eacb5e300e7091ddba164bc8527b7c0b917cb01fa7aef6b2e2acfa2c2e06646b65fab77303049

The first signature was created by the Ruby code. The second was created by ovftool. The difference between the two is that the ovftool generated signature has some extra zeros in it.

Here's what the Ruby code looks like:

# read in the private key

pem = File.read('F:/temp/myvcops2/va/myvcops.pem')

private_key = OpenSSL::PKey::RSA.new(pem)

# read in the .mf manifest that we are about to sign

filename = 'F:/temp/myvcops2/va/output/custom-signed.mf'  

data = File.read(filename)

# sign the .mf file using the private key

sig = private_key.sign(OpenSSL::Digest::SHA1.new, data)

hex_sig = sig.to_s.each_byte.map { |b| b.to_s(16) }.join

puts "SHA1(#{File.basename(filename)})= #{hex_sig}\n"

Please help!



0 Kudos
0 Replies