Showing results for 
Show  only  | Search instead for 
Did you mean: 


SHA1 Error prevents you to publish packages for Google Chrome or other commercially available software.


When attempting to publish a package, SVM  returns an error stating that it could not verify the SHA1 checksum of the package. As part of the error, you can see a download link pointing to the file location as being hosted by Flexera. Here is how the error looks like:

User-added image


The problem is caching of old invalidated URLs which leads to incorrect download links presented in the SVMinterface.


The error message contains a download URL, which is actually the newest download link hosted at Flexera. To solve the issue, copy the URL from the error message, then do the following:

  • Begin creating a new SPS package
  • At step 1 of SPS, enable 'Edit Package Content' checkbox
  • At step 2, right-click on the existing link and select 'Edit'
  • Replace the default download link with the one you've copied from the error message.
  • Configure the rest of the package and publish it


Another way of doing this is to use the copied download link to download the physical file locally to your system. Then, edit the new package that you would be creating similarly to the above example, but instead of Editing the download link - remove it entirely. 

Finally, use the 'Add Local File' button to browse to the file you downloaded and then import it to the SVM's SPS interface. Publish your package after you configure all other desired package settings.

Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Sep 16, 2019 03:07 PM
Updated by: