-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
"The OVF package is invalid and cannot be deployed" error when deploying the WAF OVA
12/20/2019 
19 People found this article helpful
490,625 Views
Description
NOTE: ESXi server versions before 6.5.0 do not support OVF/OVA files with a SHA256 hash.
VMware provides a tool to convert the OVA to SHA1 and allow installation on these older ESXi systems.
The failure is indicated with an error pop up: "The OVF package is invalid and cannot be deployed"
"The following manifest file entry (line 1) is invalid: SHA256(SonicWall_WAF_2_0.0.0-17waf.ova)=..."
Cause
This OVA was released with a SHA256 hash. This is the current standard practice for all applications.
NOTE: The 6.0.0 and 5.5.0 versions of ESXi do not support SHA256 and require the OVA to be hashed with SHA1.
Resolution
Convert the SHA256 OVA to a SHA1 hashed OVA.
VMware upgraded the default hash algorithm to SHA256 for OVA generation. The older vSphere/ESXi clients only support the SHA1 hash.
The conversion is documented in a KB article from VMware: https://kb.vmware.com/s/article/2151537.
To download OVF Tool, please visit:Open Virtualization Format Tool.When installed on a Windows machine the ovftool.exe is not added to the path so it needs to be executed in the directory where it is installed.
NOTE: The above link, to download ovftool.exe, is on a VMware company web page. It may change. If the link becomes broken, navigate to VMware site (https://www.vmware.com/)and search for ovftool to download .)
EXAMPLE:The process to convert an OVA to SHA1 for compatibility with the 6.0 and 5.5 vSphere or ESXi systems:
Open a CMD window (as administrator)
cd C:\Program Files\VMware\VMware OVF Tool
ovftool.exe --shaAlgorithm=SHA1 C:\Users\username\Downloads\SonicWall_WAF_2_0.0.0-17waf.ova C:\Users\username\Downloads\SonicWall_WAF_2_0.0.0-17waf-SHA1.ova
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
YES
NO