Company  |   Contact Us  |   Feedback  

Knowledge Base

Home /  General  /  How to verify downloads

Verify the integrity of the download

The SHA256 hash can be used to verify the integrity of the downloaded file (for example a setup file). On a Windows system you can use any third-party tool or the integrated certutil command line utility to verify the file.

To use certutil, in a command line run:

certutil -hashfile "[PATH]" sha256

where [PATH] is the full path of the downloaded file. The output will look similar to this:

certutil

Compare the calculated SHA256 hash value with the hash value displayed on the download page:

Download hash value

If the file was modified there will be a big difference between the two hash values.

Verify the authenticity of the download

The digital signature can be used to verify the authenticity (and integrity) of the downloaded file. This process validates that the file is really coming from us and has not been modified since it was signed.

To verify the digital signature, use Windows File Explorer to view the Properties of the downloaded file.

Digital signature

On the Digital Signatures tab, select the signature and click Details.

Digital signature

Verify that the message is "This digital signature is OK".

Read more about Digital signatures.