Sometimes after downloading a CA PAM hotfix or upgrade patch and attempting to apply it, the following message appears

"Cannot  upgrade because patch is not HMAC signed. Please contact CA Technologies"

CA PRIVILEGED ACCESS MANAGEMENT, all versions

All CA PAM packages are signed using an HMAC signature algorithm. This is done to prevent tampering of the distributed package and as a means of verifying that the package being installed is not corrupted

The message may be indicative of a corrupted package, in which case the checksum shown on the PAM UI will not match the checksum that was provided with the patch.

Please download the package once again and try installation again. If problem persists, or if you get the message even when the checksum matches, please contact Broadcom Support.