Validating a software image

A software is valid if it has a valid digital signature, which is generated by HPE Code Signing Service (HPECSS). Switches that support digital signature verification will generate an error message if you attempt to download an image that is not digitally signed.

  • To manually verify the software’s digital signature when the switch does not support digital signature verification, use the following command:

    verify signature flash {primary|secondary}

    If the signature is valid, the following message is displayed:

    Signature is valid.
  • To bypass signature verification, use the allow-no-signatureoption in the copycommand as follows:

    copy {tftp|sftp|usb|xmodem} flash [<hostname/IP>]
    [<filename>] {primary|secondary} allow-no-signatures
The allow-no-signature option is available on switches that support non-signed legacy software releases and must be used with caution. To determine support for your switch, go to: