Verifying Downloaded Files

The software download page provides download links for obtaining the installation package and other supporting files that may be available for each product.

All files posted on the download site are signed by the release manager, using the SHA-512 algorithm. SHA-512 checksums are available, along with the files (file.sha512).

File hashes are used to check that a file has been downloaded correctly.

The checksum of a file is a fixed-length string that uniquely identifies the contents of the file. Two files are equal if their checksums are equal. Comparing the checksums of two files is as good as comparing the two files themselves.

To check a hash, you have to compute the proper checksum of the file you downloaded and then compare it with the checksum of the corresponding posted file.sha512 file, as shown in the following image.


Only if you check the hash, can you be certain that your download has not been modified or the download itself may be incomplete or faulty.

The posted file.sha512 files contain the checksum for each corresponding file and instructions for computing the checksum of the download file.