Close popover

Table of Contents

Verifying the authenticity of hotfix files

Pega Platform hotfix files are digitally signed so that they can be verified and authenticated. Depending on your environment, hotfix files are verified automatically during installation or you can manually verify them.

Automatically verifying hotfix files during installation

For Pega Platform 8.5 or later with an outbound URL connection, Pega Platform automatically validates the hotfix file's digital certificate with the provider during installation to ensure that the signature on the certificate is valid and that the certificate has not been revoked. If the file cannot be verified, you cannot complete the installation. Contact Pega Support if you are unable to installation hotfix files.

Manually verifying hotfix files with third-party tools

For Pega Platform 8.5 or later with no outbound URL connection, and for earlier versions of Pega Platform, you need to verify the hotfix files manually by using third-party tools such as OpenSSL.

For more information, see Manually verifying hotfix files by using third-party tools.

Checking for revoked hotfix files for offline systems

If you do not use third-party tools to verify hotfix files for Pega Platform 8.5 or later with no outbound URL connection, you can still make sure that the Pega hotfix files have not been revoked before you install them.

For more information, see Checking for revoked hotfix files for offline systems.

  • Manually verifying hotfix files by using third-party tools

    For systems running Pega Platform 8.5 and later with no outbound URL connections, or for earlier versions of Pega Platform, you can use third-party tools to manually verify the digital certificate for a hotfix file.

  • Checking for revoked hotfix files for offline systems

    If you do not use third-party tools to verify hotfix files for Pega Platform 8.5 or later with no outbound URL connection, you can still make sure that the Pega hotfix files have not been revoked before you install them. Check for revoked hotfix files by manually loading a certificate revocation list (CRL) to verify the certificate. Because CRLs expire frequently, you need to load the list each time before you install a hotfix.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.