diff --git a/bundle/bundle.go b/bundle/bundle.go
index 13ec7fe561..d077bda5c0 100644
--- a/bundle/bundle.go
+++ b/bundle/bundle.go
@@ -750,10 +750,24 @@ func hashBundleFiles(hash SignatureHasher, b *Bundle) ([]FileInfo, error) {
 		files = append(files, NewFile(strings.TrimPrefix(wasmModule.Path, "/"), hex.EncodeToString(bs), defaultHashingAlg))
 	}
 
-	bs, err = hash.HashFile(b.Manifest)
+	// Parse the manifest into a JSON structure;
+	// then recursively order the fields of all objects alphabetically and then apply
+	// the hash function to result to compute the hash.
+	mbs, err := json.Marshal(b.Manifest)
 	if err != nil {
 		return files, err
 	}
+
+	var result map[string]interface{}
+	if err := util.Unmarshal(mbs, &result); err != nil {
+		return files, err
+	}
+
+	bs, err = hash.HashFile(result)
+	if err != nil {
+		return files, err
+	}
+
 	files = append(files, NewFile(strings.TrimPrefix(ManifestExt, "/"), hex.EncodeToString(bs), defaultHashingAlg))
 
 	return files, err
diff --git a/bundle/bundle_test.go b/bundle/bundle_test.go
index 314c981c9b..d2d79a63bf 100644
--- a/bundle/bundle_test.go
+++ b/bundle/bundle_test.go
@@ -851,7 +851,9 @@ func TestRoundtrip(t *testing.T) {
 			},
 		},
 		Manifest: Manifest{
+			Roots:    &[]string{""},
 			Revision: "quickbrownfaux",
+			Metadata: map[string]interface{}{"version": "v1", "hello": "world"},
 		},
 	}