ProxySG failed to upload image, with error message: Security signature verification failed, The requested system software image may have been tampered with.
search cancel

ProxySG failed to upload image, with error message: Security signature verification failed, The requested system software image may have been tampered with.

book

Article ID: 166906

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

When upgrading the ProxySG, the upgrade failed with this error message:

Security signature verification failed, The requested system software image may have been tampered with.

The event log shows:

2008-01-01 12:06:54-06:00CST  "Console agent: tarfile: signature verification of system image failed."  35 6001F:96   ../cag_image_util.cpp:700
 

Resolution

1 - If there is large gap between the older and newer version, even if the upgrade path is listed as supported, there are rare times an intermediate upgrade is needed.  This allows the image signature of the much newer version to be trusted.  Please upgrade to a version in between the old and new versions to bridge this gap.

 

2 - Verify the ProxySG clock is set correctly. The unzip program checks the time stamp of the image, and compares it to the system clock; if the system clock has an earlier date than the image date, the upgrade will abort and display the above error message.

To set the ProxySG system clock:

1.    In the Management Console, select Configuration > General > Clock.
2.    If the ProxySG is not connected to the Internet, unselect Enable NTP, and set the current date and time. Apply the changes.
3.    If the appliance is connected to an NTP server on the Internet, select Enable NTP, and apply the change. Click Acquire UTC Time. The clock will be changed to the current date and time.

If the upload of the image still fails in 5.5 try to set the time manually to before 2016, this enabled the upload of the images, the time can be reverted once the image is installed.

3 - Update trust package is updated (ALERT2309). The trust package installs needed certificates that will allow the installation the new SGOS files.

proxy>enable

proxy#configure terminal

load trust-package