• Home
  • How to verify your SICK download
  • Home
  • How to verify your SICK download

How to verify your SICK download

The files offered for download by SICK meet the same high quality standards as our products and services. Beyond that, it is reassuring to be able to verify that a file you download is not corrupted in any way and that it is an authentic file that has not been tampered with.

This page describes how to verify a downloaded file against a cryptographic hash fingerprint using utilities built into every major operating system.

What to do

The basic procedure to verify a file is the same no matter which operating system is used:

  1. Download the desired file from SICK
  2. Calculate the SHA-256 fingerprint of the file (you can find instructions for major operating systems in the following section)
  3. Get the published SHA-256 fingerprint from https://www.sick.com. You can find the fingerprint in the pop over in the download interface as shown in the following screenshot
  4. For special use cases technical information can be published on the SICK support portal. In this case the SHA-256 fingerprint is published close to the download link in the support portal.
  5. Verify that the connection to the website you used to retrieve the SHA-256 fingerprint (either https://www.sick.com or https://support.sick.com) is secure. To do this, check the security status icon to the left of the web address in the browser and proceed only if the security status is "Secure" and the lock icon is displayed:
  6. Compare the calculated fingerprint (step 2) to the fingerprint published by SICK. If the values match, you can be sure that the file is not corrupted or manipulated. If not, repeat the verification procedure with a fresh download directly from https://www.sick.com. If this file still does not verify, please contact the SICK PSIRT.

How to calculate the SHA-256 fingerprint

For Windows:

  • Press “WIN+r” and type “cmd” to start the windows command line
  • Use the command “certutil -hashfile [file location] SHA256”.
    For example ”certutil -hashfile C:/Users/user1/Downloads/software.zip SHA256

For Linux:

  • Start a terminal
  • Use the command “sha256sum [file location]”.
    For example “sha256sum ~/Downloads/software.zip

For Mac OS:

  • Start a terminal
  • Use the command “shasum -a 256 [file location]”.
    For example “shasum -a 256 ~/Downloads/software.zip” In each case the command line returns the file's checksum.