Pega provides increased security for hotfix files by automatically verifying their authenticity and integrity during the installation process. When applying hotfix files to on-premises instances of Pega Platform™ that allow outbound URL connections, Pega Platform checks with the digital certificate provider to ensure the file's authenticity and makes sure that the file has not been revoked. If the file cannot be verified, you cannot install the hotfix file. Contact Pega Support to resolve the issue.
For on-premises Pega Platform instances that do not allow outbound URL connections, you can:
- Verify the hotfix files by using third-party tools such as Open SSL.
- Check that the hotfix files have not been revoked by loading the certificate revocation list prior to installation.
For more information about hotfix verification, see Verifying the authenticity of hotfix files.