This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- Invalid digital signature on SAB causing fatal error 7210
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Feb 14, 2014
05:47 PM
Invalid digital signature on SAB causing fatal error 7210
Hello-
When I build a project with IS2013 I am getting a fatal error 7210:
ISDEV : fatal error -7210: Failed to verify digital signature of C:\Program Files (x86)\InstallShield\2013 SP1 SAB\System\ISWIBuild.dll
I looked at the digital signature on the dll and it could not be verified by windows. The certification path includes a Verisign Class 3 Public Primary Certification Authority - G5 which I have explicitly disabled on my build system for code signing. The reason for this is that I have to support disconnected clients running very old versions of windows XP and in some case Win2k. The new Verisign key is not present on the old systems. This causes WinTrustVerify errors when users attempt to install a product signed with this key.
Does anyone know if there is any workaround for this that will allow me to keep this G5 cert disabled? Further, does anyone know what certs were available in IE 8.0? I can't seem to find the list.
I am assuming that it was included in IE 8.0 since the cert in question was generated in 2006 and IE8.0 was released in 2009. This is only an assumption. I would like some documentation to back up my theory before I propose anything to my managers about changing our entire product line's system requirements. In case you are wondering, I mention IE8 specifically since IE at least used to be the delivery method for these CA Updates.
As a secondary workaround I could use the XP hotfix to update the CA's but there is no similar one for Win2k...
Regards
When I build a project with IS2013 I am getting a fatal error 7210:
ISDEV : fatal error -7210: Failed to verify digital signature of C:\Program Files (x86)\InstallShield\2013 SP1 SAB\System\ISWIBuild.dll
I looked at the digital signature on the dll and it could not be verified by windows. The certification path includes a Verisign Class 3 Public Primary Certification Authority - G5 which I have explicitly disabled on my build system for code signing. The reason for this is that I have to support disconnected clients running very old versions of windows XP and in some case Win2k. The new Verisign key is not present on the old systems. This causes WinTrustVerify errors when users attempt to install a product signed with this key.
Does anyone know if there is any workaround for this that will allow me to keep this G5 cert disabled? Further, does anyone know what certs were available in IE 8.0? I can't seem to find the list.
I am assuming that it was included in IE 8.0 since the cert in question was generated in 2006 and IE8.0 was released in 2009. This is only an assumption. I would like some documentation to back up my theory before I propose anything to my managers about changing our entire product line's system requirements. In case you are wondering, I mention IE8 specifically since IE at least used to be the delivery method for these CA Updates.
As a secondary workaround I could use the XP hotfix to update the CA's but there is no similar one for Win2k...
Regards
(1) Reply
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Feb 18, 2014
04:33 PM
If you extract and trust our certificate directly, I think that might sidestep your concern about adding the updated root certificates. InstallShield 2013 does not support Windows 2000, so that related issue might not be relevant any longer.