The installation file is digitally signed. To verify the signature, you must download and install the VMware public key.

You can use the Linux rpm tool and the VMware public key to verify the digital signature of the VMware Cloud Director installation file, or any other signed downloaded file from If you install the public key on the computer where you plan to install VMware Cloud Director, the verification happens as part of the installation or upgrade. You can also manually verify the signature before you begin the installation or upgrade procedure, then use the verified file for all installations or upgrades.

Note: The download site also publishes a checksum value for the download. The checksum is published in two common forms. Verifying the checksum verifies that the file contents that you downloaded are the same as the contents that were posted. It does not verify the digital signature.


  1. Create a directory to store the VMware Packaging Public Keys.
  2. Use a Web browser to download all of the VMware Public Packaging Public Keys from the directory.
  3. Save the key files to the directory that you created.
  4. For each key that you download, run the following command to import the key.
    # rpm --import /key_path/key_name

    key_path is the directory in which you saved the keys.

    key_name is the filename of a key.