Deployment and Management Guide for Cisco IoT FND on OVA with Postgres and InfluxDB, Release 5.x.x and Later

Cisco IoT FND deployment packages

Updated: February 4, 2026

Overview

This topic explains the purpose and contents of Cisco OVA images and upgrade scripts, detailing the files included in each .zip package and how they support secure installation and upgrade of Cisco IoT FND solutions.

You must verify the integrity of OVA images and upgrade scripts before you install or upgrade Cisco IoT FND. This verification ensures that the files are authentic and untampered.

Contents of OVA images and upgrade scripts

Table 1. Contents of the .zip files
Zip File Name	Contents
CISCO-IOTFND-VPI-K9-<release>-<build number>.zip	Contains Postgres/Influx for gateway management. iot-fnd-<release>-<build number>.iso iot-fnd-<release>-<build number>.iso.signature
CISCO-IOTFND-VPI-K9-CGMS-TOOLS-<release>-<build number>.zip Note The CGMS tools file is bundled with CISCO-IOTFND-VPI-K9-UPGRADE-SCRIPTS-<release>-<build number>.zip.	Includes cgms tools rpm for Postgres deployments. cgms-tools-<release>-<build number>.x86_64.rpm FND_RPM_SIGN-CCO_RELEASE.pem — Cisco signed x.509 end-entity certificate containing public key that is used to verify the signature. This certificate is chained to Cisco root CA and sub CA posted on https://www.cisco.com/security/pki/ . cisco_openpgp_verify_release.py — Signature verification program for verifying the Open-pgp Complaint Public Key against x.509 end-entity certificate. cisco_openpgp_verify_release.py.signature — Signature generated for the script cisco_openpgp_verify_release.py. FND-rel-binary.gpg — Open-pgp public key is used for verification of signed RPM. FND-rel-ascii.gpg — Open-pgp public key is used for verification of signed RPM.
CISCO-IOTFND-VPI-K9-UPGRADE-SCRIPTS-<release>-<build number>.zip	Includes upgrade scripts for upgrading FND-Postgres/Influx OVA. upgrade-ova-<release>-<build number>.rpm — Signature embedded RPM image. FND_RPM_SIGN-CCO_RELEASE.pem — Cisco signed x.509 end-entity certificate containing public key that is used to verify the signature. This certificate is chained to Cisco root CA and sub CA posted on https://www.cisco.com/security/pki/ . cisco_openpgp_verify_release.py — Signature verification program for verifying the Open-pgp Complaint Public Key against x.509 end-entity certificate. cisco_openpgp_verify_release.py.signature — Signature generated for the script cisco_openpgp_verify_release.py. FND-rel-binary.gpg — Open-pgp public key is used for verification of signed RPM. FND-rel-ascii.gpg — Open-pgp public key is used for verification of signed RPM.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.