Installing this version

To update your SMC server to version 3.8, we recommend that you carefully follow the procedure below.

Before installing the version, ensure that you have read the Product life cycle guide and the sections New firewall behavior and Recommendations.

Do note that the server's update mechanism will automatically restart at the end of the procedure.

Update paths

Update from version 2.x

To update an SMC server to version 3.8, intermediate updates may be required depending on its original version:

From a 2.X version Updating to version 3.1.6

For more information, you can refer to the Stormshield Knowledge base (authentication required).

Going to your MyStormshield personal area

You need to go to your MyStormshield personal area in order to download the 3.8 version of Stormshield Management Center:

  1. Log in to MyStormshield with your login and password.
  2. In the panel on the left, select the Downloads section.
  3. In the panel on the right, select the relevant product and version.
  4. Download the files build.sha256sum, build.sha256sum.sign and smc-sign.crt as well if you wish to check the integrity of binary files.

Checking the integrity of binary files

Enter one of the following commands to check the integrity of Stormshield Management Center binary files:

  • Linux operating system: sha256sum -c build.sha256sum

  • In PowerShell on a Windows operating system:

    1. Enter cat build.sha256sum. The command will return the hashes and associated files.

    2. To compare a file’s hash, copy it and enter (Get-FileHash my-file.ext -A SHA256).Hash -eq "hash".

Verifying the signature of the build.sha256sum file

The build.sha256sum.sign file is the signature of the build.sha256sum file. Verifying it will guarantee that build.sha256sum has not been modified.

OpenSSL is required to verify the file’s signature.

  1. If you need to install OpenSSL in Microsoft Windows, use the widget tool and the PowerShell command below:

    > winget install ShiningLight.OpenSSL

  2. Next, run the "Win64 OpenSSL Command Prompt” program.

To verify the signature in Linux and Windows operating systems:

  1. Use the certificate smc-sign.crt:

    openssl x509 -in smc-sign.crt -pubkey -noout -out smc-sign.pem
    openssl dgst -sha256 -verify smc-sign.pem -signature build.sha256sum.sign build.sha256sum

If you want to verify whether the certificate was indeed issued by the SMC certification authority, use the command:

openssl verify -CAfile Stormshield.Management.Center.2.pem smc-sign.crt

Updating the SMC server

For the procedures on updating the server from the web interface or command line interface, refer to the section Updating the SMC server in the Administration guide.

Updating the SMC server when redundancy has been set up

The update procedure is specific and has to follow the steps described in the section Setting up SMC server redundancy in the Administration guide.