Did you just download a large file? Or do you have a file that you have a suspicion about? The best way to make sure the file comes from a verified source is by measuring its checksum. A checksum is almost like a fingerprint of a file that cannot be altered or removed. If the checksum of two files is same, we can easily say with confidence that both the files are same. There are many algorithms to calculate the checksum and the one we are talking about here is MD5. In this post, we’ve covered a method to verify the integrity of files by calculating their checksum using the built-in command line tool Certutil.
This post shows how to calculate, check, verify & validate the checksum of a file using Windows built-in utility called Certutil.exe. MD5 Checksums are helpful in verifying the integrity of the file and for knowing, whether or not your file is same as source and not tampered with.
What is MD5 Checksum
You must have encountered this term often while downloading large files from internet. MD5 is one of the most common algorithms used to measure checksum of files. It often helps in detecting files that have been maliciously tampered or distorted during transfers/downloads.
How to calculate MD5 Checksum of a file
Well, there are quite a lot of ways to do so. One of them is taking help of a third party File Integrity Checker tools. There are a lot of tools that can help you calculate the checksum of a file using MD5 algorithms. We’ve already covered a few tool that you can check out here.
If you are looking for an alternative that does not require downloading any other additional tool, Windows Certutil can help you out. Certutil is a command line tool that comes built into Windows.
According to Microsoft, you can use certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains.
In this section, we’ve covered a step by step guide to using Certutil to calculate a checksum of any file.
Step 1: Open a new CMD window from Start Menu.
Step 2: Navigate to the directory wherever your file is.
Step 3: Run the following command:
certutil -hashfile path-to-your-file MD5
This will print the file’s checksum on console Window. You can use this checksum to verify the integrity of this file.
Working with other algorithms?
If you want to verify the checksum against a different algorithm such as SHA512 or SHA256, all you need to do is replace MD5 in your command with the desired algorithm.
Verifying the Checksum
Once you’ve got the checksum value, it is time to verify it. If you received this file from a friend or over the email, you can ask the sender for checksum value. If both the values match, your file has not been tampered with or distorted during transmission. If you downloaded this file from a website, you can look on the download page for checksums mentioned by the developer.
In the screenshot below, you can see the checksum mentioned on the FileZilla download page. It is the same checksum that was calculated by Certutil in the previous step.
So this was how you can calculate and verify MD5 checksums of your files. These checksums can easily identify file distortions and tampered files. Although a lot of free online and offline tools are available that lets you do so but knowing this trick with Windows always comes in handy.
You can practically calculate and verify checksums on any Windows computer using certutil.exe.