Differences

This shows you the differences between the selected revisions of the page.

2016-08-12 2016-09-30
/NOCLOSEAPPLICATIONS (martin) Verifying Integrity of Installer (martin)
Line 58: Line 58:
===== Administration Tasks ===== ===== Administration Tasks =====
Learn how a system administrator can [[administration|restrict or enforce certain functionality]] of the application. Learn how a system administrator can [[administration|restrict or enforce certain functionality]] of the application.
 +
 +===== [[verifying]] Verifying Integrity of Installer =====
 +Optionally, as a security measure, you can verify an integrity of the WinSCP installer binary before installing.
 +
 +In Windows Explorer display //Properties// of the installer and verify a signature on the //Digital Signatures// tab. The installer should be signed by "Martin Prikryl". The certificate used to sign the latest installers has a SHA-1 hash ''4a 14 66 81 58 d7 9d f2 ac 08 a5 ee 77 58 8e 5c 6a 6d 2c 8f'' and is valid from 2016-01-03 to 2016-10-23.
 +
 +&screenshotpict(certificate)
 +
 +The certificate can also be displayed on the //[[ui_installer#uac|User Account Control]]// prompt.
 +
 +You can also verify file integrity manually. Find checksums of the installer binary in the release notes or on the [[this>../../download/WinSCP-&winscp_stable_version-Setup.exe|installer download page]]. Use the ''[[https://technet.microsoft.com/en-us/library/cc732443.aspx|certutil]]'' tool to calculate a SHA-256 checksum of the downloaded installer and compare it.
 +
 +<code>
 +C:\...>certutil -hashfile WinSCP-&winscp_stable_version-Setup.exe SHA256
 +SHA256 hash of file WinSCP-&winscp_stable_version-Setup.exe:
 +&winscp_stable_setup_sha256
 +CertUtil: -hashfile command completed successfully.
 +</code>

Last modified: by martin