Installing this version
To update your SMC server to version 3.8, we recommend that you carefully follow the procedure below.
Before installing the version, ensure that you have read the Product life cycle guide and the sections New firewall behavior and Recommendations.
Do note that the server's update mechanism will automatically restart at the end of the procedure.
Update paths
Update from version 2.x
To update an SMC server to version 3.8, intermediate updates may be required depending on its original version:
From a 2.X version | Updating to version 3.1.6 |
For more information, you can refer to the Stormshield Knowledge base (authentication required).
Going to your MyStormshield personal area
You need to go to your MyStormshield personal area in order to download the 3.8 version of Stormshield Management Center:
- Log in to MyStormshield with your login and password.
- In the panel on the left, select the Downloads section.
- In the panel on the right, select the relevant product and version.
- Download the files build.sha256sum, build.sha256sum.sign and smc-sign.crt as well if you wish to check the integrity of binary files.
Checking the integrity of binary files
Enter one of the following commands to check the integrity of Stormshield Management Center binary files:
-
Linux operating system:
sha256sum -c build.sha256sum
-
In PowerShell on a Windows operating system:
-
Enter cat build.sha256sum. The command will return the hashes and associated files.
-
To compare a file’s hash, copy it and enter (Get-FileHash my-file.ext -A SHA256).Hash -eq "hash".
-
Verifying the signature of the build.sha256sum file
The build.sha256sum.sign file is the signature of the build.sha256sum file. Verifying it will guarantee that build.sha256sum has not been modified.
OpenSSL is required to verify the file’s signature.
-
If you need to install OpenSSL in Microsoft Windows, use the widget tool and the PowerShell command below:
> winget install ShiningLight.OpenSSL
-
Next, run the "Win64 OpenSSL Command Prompt” program.
To verify the signature in Linux and Windows operating systems:
-
Use the certificate smc-sign.crt:
openssl x509 -in smc-sign.crt -pubkey -noout -out smc-sign.pem
openssl dgst -sha256 -verify smc-sign.pem -signature build.sha256sum.sign build.sha256sum
If you want to verify whether the certificate was indeed issued by the SMC certification authority, use the command:
openssl verify -CAfile Stormshield.Management.Center.2.pem smc-sign.crt
Updating the SMC server
Updating the SMC server when redundancy has been set up