You can use the Linux rpm tool and the VMware public key to verify the digital signature of the vCloud Director installation file, or any other signed downloaded file from www.vmware.com. If you install the public key on the computer where you plan to install vCloud Director, the verification happens as part of the installation or upgrade. You can also manually verify the signature before you begin the installation or upgrade procedure, then use the verified file for all installations or upgrades.

1. Obtain and import the VMware Packaging Public Keys.
   
   
   1. Create a directory to store the VMware Packaging Public Keys.
   2. Use a web browser to download all of the VMware Public Packaging Public Keys from the http://packages.vmware.com/tools/keys directory.
   3. Save the key files to the directory that you created.

   4. For each key that you download, run this command to import the key:
      
      # rpm --import /key_path/key_name
      
      Where key_path is the directory in which you saved the keys and key_name is the filename of a key

2. (Optional) Use the Linux rpm tool to verify the digital signature of the downloaded file:
   
   # rpm --checksig installation-file
   
   After you verify the digital signature of the file, you can use it to install or upgrade vCloud Director on any server, without having to install the public key on that server. The installer warns you if no key is installed. You can ignore the warning if you already verified the signature of the file.