SMG OVA is reported by VSphere as "invalid and cannot be deployed"
search cancel

SMG OVA is reported by VSphere as "invalid and cannot be deployed"


Article ID: 204203


Updated On:


Messaging Gateway


When attempting to deploy the SMG OVA via VSphere, VSphere returns the following error:

The OVF package is invalid and cannot be deployed.
The following manifest file entry (line 1) is invalid: SHA256 (smg.ovf).


This is a known issue with some versions of VSphere including VSphere 6.0 which do not support the SHA256 hash that is used for the OVF/OVA signature. This is documented in the VMWare KB


This issue may be resolved by converting the SMG OVA from a SHA256 signature hash to a SHA1 signature hash as described in the VMware KB article:

To resolve this issue, deploy vIC via the vSphere Web Client or ESXi Embedded Host Client because both support SHA256.
However, if you still want to automate your deployments, you must convert the OVA from the Cryptographic Hash Algorithm SHA256 to SHA1.

To do this, you can use OVFTool which is available on all OS at:

To do the conversion, run this command:

ovftool.exe --shaAlgorithm=SHA1 \path\to\the\original\ova_file.ova \path\to\the\new\ova\file-SHA1.ova

You can now use the new ova generated with SHA1 for your future deployments without experiencing any format error.