Switch to Manual Download and Installation for Cortex

This topic provides step-by-step instructions for switching from APT and YUM repositories to a manual process for installing and upgrading Cortex, following the APT and YUM repositories deprecation notice.

For instructions on performing the same process for TheHive, see Switch to Manual Download and Installation for TheHive.

Are you concerned?

Use this procedure if you currently install or update Cortex on Linux distributions using apt-get install, apt-get upgrade, yum install, or yum update.

You aren't affected if you run Cortex through Docker deployments.

If you are a new user, follow the instructions in the step-by-step installation guide.

Dependencies

Before starting this procedure, run the following commands:

For DEB-based systems:

sudo apt update
sudo apt install wget curl gnupg coreutils

For RPM-based systems:

sudo yum update
sudo yum install wget curl gnupg coreutils

Procedure

Step 1: Manually install Cortex

DEBRPM

Destination path

The commands below use /tmp/ as the download path. Replace it with the full local directory path where you want to save the files.

1. Download the installation package along with its SHA256 checksum and signature files.

   • Using Wget:

     wget -O /tmp/cortex_3.2.1-2_all.deb https://cortex.download.strangebee.com/3.2/deb/cortex_3.2.1-2_all.deb
     wget -O /tmp/cortex_3.2.1-2_all.deb.sha256 https://cortex.download.strangebee.com/3.2/sha256/cortex_3.2.1-2_all.deb.sha256
     wget -O /tmp/cortex_3.2.1-2_all.deb.asc https://cortex.download.strangebee.com/3.2/asc/cortex_3.2.1-2_all.deb.asc
     

     To download a specific version instead of the latest, use the following format:

     wget -O /tmp/<file_name>.deb https://cortex.download.strangebee.com/<major.minor_version>/deb/<file_name>.deb
     wget -O /tmp/<file_name>.deb.sha256 https://cortex.download.strangebee.com/<major.minor_version>/sha256/<file_name>.deb.sha256
     wget -O /tmp/<file_name>.deb.asc https://cortex.download.strangebee.com/<major.minor_version>/asc/<file_name>.deb.asc
     

     • Replace <file_name> with the full name of the versioned file you want to install. For example, use cortex_3.1.8-1_all.
     • Replace <major.minor_version> with the corresponding version directory. For example, use 3.1.

   • Using cURL:

     curl -o /tmp/cortex_3.2.1-2_all.deb https://cortex.download.strangebee.com/3.2/deb/cortex_3.2.1-2_all.deb
     curl -o /tmp/cortex_3.2.1-2_all.deb.sha256 https://cortex.download.strangebee.com/3.2/sha256/cortex_3.2.1-2_all.deb.sha256
     curl -o /tmp/cortex_3.2.1-2_all.deb.asc https://cortex.download.strangebee.com/3.2/asc/cortex_3.2.1-2_all.deb.asc
     

     To download a specific version instead of the latest, use the following format:

     curl -o /tmp/<file_name>.deb https://cortex.download.strangebee.com/<major.minor_version>/deb/<file_name>.deb
     curl -o /tmp/<file_name>.deb.sha256 https://cortex.download.strangebee.com/<major.minor_version>/sha256/<file_name>.deb.sha256
     curl -o /tmp/<file_name>.deb.asc https://cortex.download.strangebee.com/<major.minor_version>/asc/<file_name>.deb.asc
     

     • Replace <file_name> with the full name of the versioned file you want to install. For example, use cortex_3.1.8-1_all.
     • Replace <major.minor_version> with the corresponding version directory. For example, use 3.1.

2. Verify the integrity of the downloaded package.

   • Check the SHA256 checksum by comparing it with the provided value.

     a. Generate the SHA256 checksum of your downloaded package.

     sha256sum /tmp/cortex_3.2.1-2_all.deb
     

     b. Compare the output hash with the official SHA256 value listed in the .sha256 file.

     cat /tmp/cortex_3.2.1-2_all.deb.sha256
     

     c. If both hashes match exactly, the file integrity is verified. If not, the file may be corrupted or tampered with—don't proceed with installation, and contact the StrangeBee Security Team.

   • Verify the GPG signature using the public key.

     a. Download the public key at keys.download.strangebee.com using Wget or cURL.

     wget -O /tmp/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
     

     curl -o /tmp/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
     

     b. Import the key into your GPG keyring.

     gpg --import /tmp/strangebee.gpg
     

     c. Verify the downloaded package signature.

     gpg --verify /tmp/cortex_3.2.1-2_all.deb.asc /tmp/cortex_3.2.1-2_all.deb
     

     d. Expected result.

     You should see output similar to:

     gpg: Good signature from "TheHive Project (TheHive release key) <support@thehive-project.org>"
     

     The key fingerprint must match: 0CD5 AC59 DE5C 5A8E 0EE1 3849 3D99 BB18 562C BC1C

     Expected GPG warning

     gpg: WARNING: This key is not certified with a trusted signature!
     gpg:          There is no indication that the signature belongs to the owner.
     

     This warning is expected. It means the package is signed with the official TheHive release key, but you haven't marked this key as trusted in your local GPG setup. As long as you see Good signature and the fingerprint matches, the verification is successful. Don't mark our key as globally trusted—the warning is a normal safety reminder and should remain visible.

     If you don't see Good signature, if the fingerprint differs, or if the signature is reported as BAD, don't install the package. This indicates the integrity or authenticity of the file can't be confirmed. Report the issue to the StrangeBee Security Team.

3. Install the package.

   • Using apt-get to manage dependencies automatically:

     sudo apt-get install /tmp/cortex_3.2.1-2_all.deb
     

   • Using dpkg:

     sudo dpkg -i /tmp/cortex_3.2.1-2_all.deb
     

Destination path

The commands below use /tmp/ as the download path. Replace it with the full local directory path where you want to save the files.

1. Download the installation package along with its SHA256 checksum and signature files.

   • Using Wget:

     wget -O /tmp/cortex-3.2.1-2.noarch.rpm https://cortex.download.strangebee.com/3.2/rpm/cortex-3.2.1-2.noarch.rpm
     wget -O /tmp/cortex-3.2.1-2.noarch.rpm.sha256 https://cortex.download.strangebee.com/3.2/sha256/cortex-3.2.1-2.noarch.rpm.sha256
     wget -O /tmp/cortex-3.2.1-2.noarch.rpm.asc https://cortex.download.strangebee.com/3.2/asc/cortex-3.2.1-2.noarch.rpm.asc
     

     To download a specific version instead of the latest, use the following format:

     wget -O /tmp/<file_name>.noarch.rpm https://cortex.download.strangebee.com/<major.minor_version>/rpm/<file_name>.noarch.rpm
     wget -O /tmp/<file_name>.noarch.rpm.sha256 https://cortex.download.strangebee.com/<major.minor_version>/sha256/<file_name>.noarch.rpm.sha256
     wget -O /tmp/<file_name>.noarch.rpm.asc https://cortex.download.strangebee.com/<major.minor_version>/asc/<file_name>.noarch.rpm.asc
     

     • Replace <file_name> with the full name of the versioned file you want to install. For example, use cortex-3.1.8-1.
     • Replace <major.minor_version> with the corresponding version directory. For example, use 3.1.

   • Using cURL:

     curl -o /tmp/cortex-3.2.1-2.noarch.rpm https://cortex.download.strangebee.com/3.2/rpm/cortex-3.2.1-2.noarch.rpm
     curl -o /tmp/cortex-3.2.1-2.noarch.rpm.sha256 https://cortex.download.strangebee.com/3.2/sha256/cortex-3.2.1-2.noarch.rpm.sha256
     curl -o /tmp/cortex-3.2.1-2.noarch.rpm.asc https://cortex.download.strangebee.com/3.2/asc/cortex-3.2.1-2.noarch.rpm.asc
     

     To download a specific version instead of the latest, use the following format:

     curl -o /tmp/<file_name>.noarch.rpm https://cortex.download.strangebee.com/<major.minor_version>/rpm/<file_name>.noarch.rpm
     curl -o /tmp/<file_name>.noarch.rpm.sha256 https://cortex.download.strangebee.com/<major.minor_version>/sha256/<file_name>.noarch.rpm.sha256
     curl -o /tmp/<file_name>.noarch.rpm.asc https://cortex.download.strangebee.com/<major.minor_version>/asc/<file_name>.noarch.rpm.asc
     

     • Replace <file_name> with the full name of the versioned file you want to install. For example, use cortex-3.1.8-1.
     • Replace <major.minor_version> with the corresponding version directory. For example, use 3.1.

2. Verify the integrity of the downloaded package.

   • Check the SHA256 checksum by comparing it with the provided value.

     a. Generate the SHA256 checksum of your downloaded package.

     sha256sum /tmp/cortex-3.2.1-2.noarch.rpm
     

     b. Compare the output hash with the official SHA256 value listed in the .sha256 file.

     cat /tmp/cortex-3.2.1-2.noarch.rpm.sha256
     

     c. If both hashes match exactly, the file integrity is verified. If not, the file may be corrupted or tampered with—don't proceed with installation, and contact the StrangeBee Security Team.

   • Verify the GPG signature using the public key.

     a. Download the public key at keys.download.strangebee.com using Wget or cURL.

     wget -O /tmp/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
     

     curl -o /tmp/strangebee.gpg https://keys.download.strangebee.com/latest/gpg/strangebee.gpg
     

     b. Import the key into your GPG keyring.

     gpg --import /tmp/strangebee.gpg
     

     c. Verify the downloaded package signature.

     gpg --verify /tmp/cortex-3.2.1-2.noarch.rpm.asc /tmp/cortex-3.2.1-2.noarch.rpm
     

     d. Expected result.

     You should see output similar to:

     gpg: Good signature from "TheHive Project (TheHive release key) <support@thehive-project.org>"
     

     The key fingerprint must match: 0CD5 AC59 DE5C 5A8E 0EE1 3849 3D99 BB18 562C BC1C

     Expected GPG warning

     gpg: WARNING: This key is not certified with a trusted signature!
     gpg:          There is no indication that the signature belongs to the owner.
     

     This warning is expected. It means the package is signed with the official TheHive release key, but you haven't marked this key as trusted in your local GPG setup. As long as you see Good signature and the fingerprint matches, the verification is successful. Don't mark our key as globally trusted—the warning is a normal safety reminder and should remain visible.

     If you don't see Good signature, if the fingerprint differs, or if the signature is reported as BAD, don't install the package. This indicates the integrity or authenticity of the file can't be confirmed. Report the issue to the StrangeBee Security Team.

3. Install the package.

   • Using yum to manage dependencies automatically:

     sudo yum install /tmp/cortex-3.2.1-2.noarch.rpm
     

   • Using dnf to manage dependencies automatically:

     sudo dnf install /tmp/cortex-3.2.1-2.noarch.rpm
     

   • Using rpm:

     sudo rpm -ivh /tmp/cortex-3.2.1-2.noarch.rpm
     

Step 2: Remove the old repository

Then, remove or deactivate the old repository to avoid stale configurations.

Why you should remove or deactivate the old repository

Keeping the old repository configuration can cause your system to download outdated or conflicting packages during updates, potentially breaking your installation or causing unexpected behavior.

DEBRPM

Run the following commands:

sudo rm /etc/apt/sources.list.d/strangebee.list
sudo apt-get update

a. Deactivate the repository.

```bash
sudo yum-config-manager --disable strangebee
```

b. Optional: Remove the repository file.

```bash
sudo rm /etc/yum.repos.d/strangebee.repo
sudo yum clean all
```

Next steps

• Switch to Manual Download and Installation for TheHive