Validating the PureMessage Upgrade Program

Once you have upgraded to PureMessage from a previous version, automatic certificate validation ensures the authenticity of subsequent software and data updates. As an added precaution, before upgrading, you can verify the authenticity of the newest version of the upgrade program, pmx-setup.

To validate pmx-setup:

  1. Run pmx-setup. Assuming that PureMessage is installed in the default location, at the command line, enter:
    /opt/pmx6/bin/pmx-setup

    The pmx-setup program detects that a new version is available and prompts you to update.

    Important
    You must retrieve the new version of pmx-setup, otherwise certificate validation will not work.
  2. Extract the validator. After pmx-setup has updated, you will be returned to the installer. Exit the PureMessage Installer, and, at the command line, enter:
    pmx-setup --check-validator

    The installer acknowledges that you have chosen to verify the authenticity of the validation tool itself before proceeding with the upgrade. The validation file is extracted.

  3. Obtain the sha1sum of the validation file. The sha1sum utility is used to calculate and verify SHA1 hashes. If you don't have sha1sum, you must obtain the appropriate version for your operating system. See the sha1sum documentation for specific command syntax.
  4. Contact Sophos support and have a representative confirm that the checksum you have obtained is correct. See "Contacting Sophos" for more information.
  5. Verify that your copy of pmx-setup is valid. At the command line, run the pmx-validator command as shown below:
    <PathToValidator>/pmx-validator <PathToRepository> <PathTo_pmx-setup>

    The exact file locations for this command are the pmx-validator, Repository, and pmx-setup entries that are displayed in the installer.

  6. Continue with the upgrade. Once verification is complete, enter:
    pmx-setup