Validating the installer ISO file

Last Updated : Jun 10, 2026 |

About this task

Use this procedure to validate the Avaya Aura® application installer ISO, which is signed using Avaya File Signing Authority (AFSA). For a software-only installation, you must validate the ISO manually.

Procedure

  1. Run the following command to mount the installer ISO: 
    mkdir /mnt/iso
mount -o loop,ro CM*.iso /mnt/iso
  2. Run the following command to validate the certificate file by using the root CA: 
    openssl verify -CAfile AvayaRootCert.pem /mnt/iso/CM-010.2*.cert

    This command should return OK.

    Note:

    To create the file AvayaRootCert.pem, use the file present in the Appendix E of this document.

  3. Run the following command to extract the public key: 
    openssl x509 -in /mnt/iso/CM-010.2*.cert -pubkey -noout > /tmp/key
  4. Run the following command to validate manifest files: 
    cd /mnt/iso
sha256sum -c CM-010.2*.mf

    After you run the command, an output of OK indicates that all the files are correct.

  5. Run the following command to verify the signature of the manifest file: 
    openssl dgst -sha256 -verify /tmp/key -signature CM-010*1.sig CM-010*.mf

    This command should return Verified OK.