Symptom
The UPLINX installer fails with the error message shown in the screenshot below : The verbiage is: A file that is required cannot be installed because the cabinet file <installer filename> has an invalid digital signature. This may indicate that the cabinet file is corrupt.
UPLINX installer files issued before May 2023 are signed with a SECTIGO RSA Code Signing CA certificate. Scroll down how to see theSECTIGO Certification path.
•If you see the name SECTIGO in the root certificate, please use the steps outline on this page.
•If you see the name SSL.COM in the root certificate, this is the latest installer, please use the steps in the main article 'Installer Fails - Invalid Digital Signature (SSL.COM)'.
This can occur for any UPLINX product such as Phone Control Tool, Provisioning System, Track & Audit or Cleanup Tool. The following screenshots show the error message for UPLINX Report Tool but all UPLINX products use the same code signing certificate.
•
Cause
Microsoft Windows does not recognize the code signing certificate of the UPLINX installer. The UPLINX code signing certificate is based on SECTIGO Certificate Authority (CA) as root certificate. If the root certificate is not present, Windows can not validate the UPLINX certificate and above message will appear. When internet access is present, Windows will automatically download new root certificates. So this issue occurs on disconnected (no internet access) machines that have not been Windows updated.
Solution
There are 3 options to install the missing certificates:
1.) Manually install the required SECTIGO RSA Code Signing CA certificates from https://www.tbs-certificates.co.uk/FAQ/en/racine-USERTrustRSACertificationAuthority.html . Save these certificate file, double click on the cert to import it. Choose "Install Certificate..." and then, Local Machine, select "Trusted Root Certification Authorities" as per screenshot below.
2.) Run Windows Update
3.) Install the Root Certificate update for Windows from Microsoft: https://support.microsoft.com/en-us/help/931125/how-to-get-a-root-certificate-update-for-windows
What should the Certificate Path look like?
Right click on the UPLINX installer executable in Windows File Explorer and select Properties > Digital Signatures > Details > View Certificate > tab Certification Path.
UPLINX Code Signing Certificate Details
The error message says the file is corrupt, is this correct?
No. The cause is the missing root certificates. If you suspect the file is really corrupt, please check the MD5 checksum of the downloaded installer as listed on https://www.uplinx.com/downloads/
How to resolve 'Countersignature is not valid'?
If the Countersignature is not valid as per screenshot above, install the root certificate "VeriSign Universal Root Certification Authority " (from the issuer of the "Symantec SHA256 TimeStamping CA" certificate) in case it missing on this computer.
It can be imported via this link: https://symantec.tbs-certificats.com/vsign-universal-root.cer
|